Gonka Broker / Decentralized AI API
Security
Account, API-key, payment, and gateway safeguards used by gonka.broker.
Gateway safeguards
- HTTPS API transport
- Hashed customer API credentials
- Prepaid balances, daily limits, and concurrency controls
- Bounded retries and an upstream kill switch
- Reasoning-field sanitization before responses reach clients
- Idempotency controls for ledger and payment operations
Protect your API key
Keep API keys in environment variables or a secret manager. Do not embed a key in public browser JavaScript or source control. Revoke and replace a suspected key through support.
Payments
Account top-ups are currently unavailable. USDT TRC20 is planned as the first supported network. No deposit address is issued, and the service will never request a wallet seed phrase or private key.
Responsible disclosure
A dedicated security reporting channel will be published before general availability. Do not submit vulnerability details through account registration.