T
TKN
v2.3.1 · SHIPPED 2026-05-14

Stop AI bills
from bleeding you
at 03:00.

TKN is a token-level firewall and pager for LLM spend. It watches every call to OpenAI, Anthropic and Gemini in real time, trips alarms on velocity spikes, and gives you a swipe-to-revoke kill switch on your phone.

$ npx @tknapp/cli login
▶ OPEN CONSOLE READ THE FIELD MANUAL →
TOKENS WATCHED · ALL TIME
14,302,889,041
$ SAVED · LAST 30 DAYS
$2,418,907
KEYS REVOKED · ALL TIME
11,442
MEDIAN PAGE TO REVOKE
187 ms
OPENAI · CHATGPT · GPT-4O · O3 · O4-MINI ANTHROPIC · CLAUDE OPUS · SONNET · HAIKU GOOGLE · GEMINI 2.5 PRO · FLASH X.AI · GROK-3 MISTRAL · COHERE · DEEPSEEK · TOGETHER SOC2 II · GDPR · LOCAL ENCLAVE OPENAI · CHATGPT · GPT-4O · O3 · O4-MINI ANTHROPIC · CLAUDE OPUS · SONNET · HAIKU GOOGLE · GEMINI 2.5 PRO · FLASH X.AI · GROK-3 MISTRAL · COHERE · DEEPSEEK · TOGETHER SOC2 II · GDPR · LOCAL ENCLAVE
/ 00 · THREAT MODEL

The invoice arrives
after the bleed stops.

Stripe and your cloud bill catch finance. Nobody catches a leaked OpenAI key at 02:14 on a Saturday. By the time you notice, you've shipped your runway to a teenager in São Paulo.

$47,200
burned over one weekend.
One leaked sk-proj key.
— retro from a real seed-stage YC company, anonymised.
3:11 AM
page fires.
It's already $2,140.
— median time-to-detect for unmonitored prod keys.
Your CFO
doesn't speak gpt-4o.
She speaks subpoena.
— so translate. With hard numbers. In real time.
/ 01 · THE CONSOLE

A pager for your
token spend.

Total spend today, sized for the lockscreen. Every model, every key, every watcher in one dense scrollable feed. No charts. No bubbles. Just numbers that change.

LIVE / iOS · ANDROID · WATCHOS

Token-level visibility,
at the speed of paging.

The Console is what your on-call sees when the alarm trips. One screen, one number, one decision: kill or hold.

  • 01Hero spend. $X.XXXX in font-mono so you can read it through panic.
  • 02Active watchers feed. Model, in/out tokens, cost — all tabular-nums, no jitter.
  • 03$/sec sparkline. Hard step-plot, last 36 seconds. Spikes are obvious.
  • 0424h projection. Burn-rate envelope with breach ETA. Calibrated, not optimistic.
  • 05Heavy haptics. Critical pages thump. Info pages tap. You'll know which is which without looking.
▌ LIVE / 14:02:11NODE TKN-07
TOTAL SPEND · TODAY
$237.4012
TOKENS
14.3M
VELOCITY · $/MIN
0.87 ·
ACTIVE WATCHERS · 6
O
gpt-4o
24.5k IN / 12.1k OUT
$0.42
O
gpt-4o-mini
SPIKE · 41 r/s
$1.84
A
claude-sonnet-4
91.2k IN / 22.8k OUT
$0.62
G
gemini-2.5-pro
18.3k IN / 4.9k OUT
$0.08
/ 02 · THE ARSENAL

Velocity rules.
And a kill switch.

Write rules in plain language. When they trip, TKN pages you AND can pause traffic before the page even lands. If it's already on fire, swipe the red block at the bottom of the screen.

RULE-01 · ARMED
IF spend > $5.00 IN 10m THEN [ALERT & PAUSE]
RULE-02 · ARMED
IF rps > 200 IN 60s THEN [NOTIFY]
RULE-03 · ARMED
IF tok/req > 8k IN 5m THEN [BLOCK MODEL]
▌ THE KILL SWITCH

One swipe.
Every key. Gone.

A 90% drag commits. Less, and it snaps back. The thumb is heavy on purpose — accidental revocations cost more than missed spikes.

  • Median revoke completes in 187 ms.
  • Optional scope: one key, one provider, or all.
  • Heavy haptic on success. Three quick on failure.
REVOKES 7 KEYS · IRREVERSIBLE
SWIPE TO REVOKE ALL KEYS ▶▶▶
▶▶
ALL DEPENDENT SERVICES RETURN 401 WITHIN 200 MS.
KEYS MUST BE REISSUED BY YOUR PROVIDER.
/ 03 · THE CLI

The whole pager,
in a terminal.

Ships as @tknapp/cli — the tokn command. No daemon, no telemetry, no Electron. Pipes to whatever your incident process speaks — Slack, PagerDuty, or just a shell that quits and SIGTERMs your worker pool.

tokn — /usr/local/bin/tokn — 92×34
$ tokn login
→ mounted local enclave at ~/.tkn (AES-256, hardware-bound)
→ registered 4 keys · 0 leaked secrets in repo
✓ ready
 
$ tokn status --live
┌────────────────────────────────────────────────────────────────────┐
▌ LIVE / 14:02:11 NODE TKN-07 │
├────────────────────────────────────────────────────────────────────┤
│ [O] gpt-4o 24.5k/12.1k 18 r/s $0.42
[O] gpt-4o-mini 188.2k/49.1k 41 r/s SPIKE $1.84
│ [A] claude-sonnet-4 91.2k/22.8k 22 r/s $0.62
│ [G] gemini-2.5-pro 18.3k/ 4.9k 9 r/s $0.08
└────────────────────────────────────────────────────────────────────┘
⚠ rule-01 tripped at 14:02:11 · spend 5.34/10m
 
$ tokn kill --yes
sk-proj-…ax7 REVOKING [===] REVOKED
sk-ant-…kQ9 REVOKING [===] REVOKED
✓ revoked · 401 returning in 187 ms · log: ~/.tkn/audit/2026-05-23.log
$
FIELD COMMANDS
tokn login
Mount the local enclave (~/.tkn), register provider keys.
tokn status
Combined spend today across every provider. tail -f for your AI bill.
tokn watchers
Per-model tokens in/out, requests/sec, and cost.
tokn rules
List the armed velocity rules and how often they've tripped.
tokn kill
Revoke one key, one provider, or all of it. Confirm before fire.
tokn whoami
Show which providers TKN has keys for, masked.
/ 04 · THE MCP SERVER

Let your agent
see its own bill.

TKN ships a Model Context Protocol server. Drop it into Claude Desktop, Cursor, or your custom harness, and your agent gets read+revoke capabilities scoped to its own keys. Self-policing autonomy.

/ TOPOLOGY
YOUR AGENTclaude · cursor · langgraph
↓ tools/call
▌ TKN MCP SERVERstdio · tokn-mcp
↓ enforce + observe
PROVIDERopenai · anthropic · gemini
/ MCP CONFIG · claude_desktop_config.json 
{
  "mcpServers": {
    "tkn": {
      "command": "tokn-mcp"
    }
  }
}
/ EXPOSED TOOLS
tkn_get_spend(provider?)
Today's combined spend, total tokens, and per-model breakdown.
tkn_list_watchers(provider?)
Active watchers with tokens in/out, requests/sec, and cost.
tkn_list_rules()
The armed velocity rules and how often each has tripped.
tkn_revoke_keys()
Kill switch. Revoke every stored key. Irreversible.
/ 05 · THE VAULT

Keys never leave
your device.

The mobile enclave is the iOS Keychain; the CLI enclave is ~/.tkn on your machine. The dashboard reads your providers directly. Our servers do not hold your keys.

AES-256-GCM

LOCAL ENCLAVE

iOS Keychain (Secure Enclave-backed, device-only) on mobile; per-machine derived key on desktop. No cloud reads in the local-only configuration.

FACE ID

BIOMETRIC LOCK

The app locks behind Face ID when keys are present. Reveal and revoke can require a second biometric confirm.

AUDIT LEDGER

Every revoke, pause, and rule trip is append-only signed JSONL. Pipe it to your SIEM or git-commit it.

Encrypted at rest    Device-only by default    No raw keys on our servers
READ THE PRIVACY POLICY →
/ 06 · PRICING

It pays for itself
the first time.

Start free on one provider. Go Pro for unlimited providers, push alerts, and the kill switch. The first key you defend pays for the year.

FREE
$0 /mo
Individual builders and side projects still in dev.
  • 1 connected provider
  • Read-only spend dashboard
  • CLI & MCP server (full)
  • Manual refresh
GET ON THE APP STORE
PRO
$9.99 /mo
Indie hackers and teams shipping real AI features.
  • Unlimited providers
  • Velocity push alerts
  • The kill switch
  • Burn-rate projections
  • Or $99 once — lifetime
▶ GO PRO
TEAM
CALL
Production AI at startups and regulated teams.
  • Multi-seat pager rotations
  • Slack & PagerDuty
  • Extended audit retention
  • SSO & priority support
REQUEST BRIEFING
▌ ARMED · STANDBY · WAITING ON YOU

Install TKN before
your next invoice.

It takes 90 seconds. The first key you defend pays for the year.

$ npx @tknapp/cli login
▶ OPEN CONSOLE SEE PRICING