BYOK Notice

Bring Your Own Key Notice

Last updated: 17 May 2026 · Operator contact: tobyfoy224@gmail.com

What BYOK Means

BYOK means Bring Your Own Key. Each Discord server administrator provides a Gemini API key for that server.

The bot operator provides the Discord bot infrastructure. The server's Gemini API usage is charged to, limited by, and governed through the Gemini key provided by that server administrator.

What Happens During /initialise

1. A server administrator runs /initialise.
2. Discord opens a private modal.
3. The administrator submits the Gemini API key.
4. The bot validates the key with a minimal Gemini request.
5. If valid, the bot encrypts the key with AES-256-GCM.
6. The encrypted key and metadata are stored in SQLite.

The plaintext key is not intentionally logged or displayed.

What Is Stored

• Discord guild/server ID.
• Encrypted Gemini API key.
• AES-GCM IV and authentication tag.
• Key version.
• Keyed fingerprint for change detection.
• Discord user ID of the administrator who updated the key.
• Created and updated timestamps.

The bot does not need to store plaintext Gemini keys.

Who Can Manage The Key

Only Discord server administrators can:

• Run /initialise.
• Run /key status.
• Run /key remove.

Billing and Provider Terms

Server administrators are responsible for:

• Gemini API billing.
• Gemini API quota usage.
• Access control for their Google/Gemini account.
• Compliance with Google/Gemini terms and policies.

If the key is removed or invalid, Gemini-backed commands will stop working for that server until /initialise is run again.

Removing or Rotating a Key

To remove a key, run /key remove.

To rotate a key:

1. Revoke or rotate it in Google/Gemini.
2. Run /key remove.
3. Run /initialise with the new key.
4. Run /test.