Trust center

Security Overview

Last updated: July 14, 2026

Till reduces routine distribution of upstream AI provider credentials. It is a proxy control layer, not a zero-knowledge system or a replacement for your provider’s billing and security controls.

Credential design

Usage-control boundary

Activation and conservative token or spend capacity are reserved before a budgeted request is forwarded, then settled to provider-reported actual usage. A token- or spend-budgeted generation request must declare max_tokens, max_completion_tokens, max_output_tokens, or Google generationConfig.maxOutputTokens. Spend-limited requests require a model in Till’s pricing table; unknown-priced models are rejected. Cost remains an operational estimate and may differ from the provider invoice, so retain provider-side budgets and alerts.

Data path

Request and response bodies transit the Till proxy and the provider selected by the scoped key. Till does not intentionally persist those bodies in its application database. Infrastructure may retain metadata such as IP address, route, timing, status, and errors. See the Privacy Notice.

Customer controls

Assurance status

Till is an early beta and does not currently claim SOC 2, ISO 27001, HIPAA, PCI DSS service-provider, FedRAMP, or similar certification. No public penetration-test report, bug bounty, or uptime SLA is currently offered.

Report a vulnerability

Follow security.txt. Use the operator's public contact route or the private method supplied during onboarding. The public route currently redirects to X direct messages and may require an X account. Do not include live credentials, personal data, or exploit data in an initial report. We will acknowledge reports as capacity allows; no response-time SLA is promised during beta.