AnchorKey
Your phone holds the key.
AnchorKey is a credential broker for people who run their own infrastructure but don't want to run a credential server. The Apple device you already carry holds the vault, signs every authorization, and never lets a long-lived secret leave its Secure Enclave.
A small Go binary — anchorkey-relay — runs on your own tailnet (Fly.io free tier, $5 VPS, Mac mini, Pi) and handles the always-on work: webhook ingress, schedulers, outbound API proxying, integration runtime. It uses only short-lived (≤ 1 hour) capability tokens minted by your phone.
The defining constraint
Every act of authority must touch your phone, and no long-lived secret ever leaves it.
Pairing, adding a credential, approving a high-value action, rotating a key, recovering from device loss — all gated by biometric on the phone. The relay can consume capabilities but cannot create authority. Compromise the relay, lose the next hour's traffic; the vault stays intact.
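The "consume but cannot create" split, sketched as an added example (not AnchorKey's own code): the phone signs a scoped, time-boxed capability and the relay verifies it with the public key alone. The token layout, the scope string and the use of Ed25519 are assumptions; the page does not describe the real token format or signature scheme.

```go
package main

import (
	"crypto/ed25519"
	"encoding/binary"
	"fmt"
	"time"
)

// Capability is a hypothetical token layout, not AnchorKey's wire format.
type Capability struct {
	Scope               string
	IssuedAt, ExpiresAt int64 // Unix seconds
	Sig                 []byte
}

func (c Capability) message() []byte { // bytes covered by the signature
	b := make([]byte, 16, 16+len(c.Scope))
	binary.BigEndian.PutUint64(b[:8], uint64(c.IssuedAt))
	binary.BigEndian.PutUint64(b[8:], uint64(c.ExpiresAt))
	return append(b, c.Scope...)
}

// Mint is the phone side: the only place the private key exists.
func Mint(priv ed25519.PrivateKey, scope string, now time.Time, ttl time.Duration) Capability {
	c := Capability{Scope: scope, IssuedAt: now.Unix(), ExpiresAt: now.Add(ttl).Unix()}
	c.Sig = ed25519.Sign(priv, c.message())
	return c
}

// Verify is the relay side: public key only, so it can check but never mint.
func Verify(pub ed25519.PublicKey, c Capability, scope string, now time.Time) error {
	switch t := now.Unix(); {
	case !ed25519.Verify(pub, c.message(), c.Sig):
		return fmt.Errorf("bad signature")
	case c.ExpiresAt-c.IssuedAt > 3600: // page: tokens live at most 1 hour
		return fmt.Errorf("lifetime exceeds one hour")
	case t < c.IssuedAt || t >= c.ExpiresAt:
		return fmt.Errorf("outside validity window")
	case c.Scope != scope:
		return fmt.Errorf("scope mismatch")
	}
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil) // constructed key pair
	c := Mint(priv, "github:repo.read", time.Now(), 30*time.Minute)
	fmt.Println(Verify(pub, c, "github:repo.read", time.Now()))
}
```

Because the lifetime cap is enforced by the verifier rather than trusted from the issuer, a validly signed token with a longer window is still rejected at the relay.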
Six operational patterns, one architecture
- Outbound API — call Stripe, GitHub, or any service with credentials injected per-request.
- Inbound webhook — receive callbacks; verify; queue for biometric approval.
- Polling — scheduler wakes; fetches via proxy; triggers rules.
- Browser automation — broker mints a short-lived token to a runner.
- External compute orchestration — provision and manage cloud nodes from your phone; remote nodes never hold secrets.
- Device-as-signal — location, presence, sensor data feed your policy engine as first-class inputs.
Status
Pre-v1 internal beta. Architecture validation only. Not for production use. The source repository is private during the beta; contact us for access.