Terms of Service

ShieldNode is a secure API proxy gateway that allows users to create virtual proxy keys for third-party APIs. The service:

• Stores your real API credentials in encrypted form (AES-256-GCM).
• Generates virtual proxy keys that route requests to the target API on your behalf.
• Provides access controls including rate limits, spending budgets, and endpoint restrictions on virtual keys.
• Logs request metadata (method, path, status, latency) but does not log request or response bodies.

ShieldNode acts as an intermediary proxy only. We are not affiliated with, endorsed by, or responsible for any third-party API provider whose service you connect through ShieldNode.

You must be at least 16 years old to use ShieldNode. By using the service, you represent that you are of legal age and have the authority to enter into these Terms. If you are using ShieldNode on behalf of an organization, you represent that you have the authority to bind that organization to these Terms.

• You are responsible for maintaining the security of your account credentials.
• You must notify us immediately at contact@shieldnode.app if you suspect unauthorized access to your account.
• You are responsible for all activity that occurs under your account.
• You may not share your account with others. Each user must create their own account.

You agree not to use ShieldNode to:

• Violate any applicable law, regulation, or third-party terms of service (including those of the target APIs you connect).
• Proxy traffic to APIs that you do not have authorization to access.
• Conduct denial-of-service attacks, scraping at abusive scale, or any activity that degrades our infrastructure or the target APIs.
• Distribute virtual keys for access to illegal content, adult platforms without age verification, or services that violate applicable laws.
• Circumvent rate limits, billing systems, or access controls.
• Reverse engineer, decompile, or attempt to extract the source code of ShieldNode.
• Resell or sublicense access to ShieldNode without our written permission.

We reserve the right to suspend or terminate accounts that violate these rules without prior notice.

When you create a virtual key and share it with a third party (teammate, client, AI agent, etc.), you are responsible for:

• All requests made using that virtual key, whether authorized by you or not.
• Revoking the key promptly when access is no longer needed.
• Any misuse, abuse, or unauthorized use of virtual keys you have distributed.

ShieldNode provides instant key revocation (effective in under one second) as a tool to limit exposure. It is your responsibility to use this tool appropriately. We are not liable for charges, damages, or policy violations resulting from your distribution of virtual keys.

ShieldNode is a proxy service. We have no control over the third-party APIs you connect. We are not liable for:

• Downtime, errors, or rate limiting by the target API provider.
• Changes to a target API's authentication scheme, endpoints, or pricing that affect your use of ShieldNode.
• Any charges incurred on your target API account as a result of proxied requests (including unauthorized requests made via distributed virtual keys).
• Data loss resulting from third-party infrastructure failures (Supabase, Render, Vercel).

To the maximum extent permitted by applicable law, our total liability to you for any claim arising from or related to this agreement shall not exceed the amount you paid to us in the 12 months preceding the claim, or $100 USD, whichever is greater.

In no event shall we be liable for any indirect, incidental, special, consequential, or punitive damages, even if we have been advised of the possibility of such damages.

ShieldNode is provided "as is" and "as available" without warranties of any kind, either express or implied, including but not limited to implied warranties of merchantability, fitness for a particular purpose, or non-infringement.

We do not warrant that the service will be uninterrupted, error-free, or that any data stored will remain accessible. We recommend maintaining backups of any credentials or configurations stored in ShieldNode.

We encrypt your API credentials at rest using AES-256-GCM and transmit all data over TLS. However, no security measure is perfect. You acknowledge that:

• You use the service at your own risk.
• You should use the minimum necessary credential scope when adding services to ShieldNode (e.g., read-only keys where possible).
• You should set rate limits and budgets on virtual keys to limit potential exposure.

You may delete your account at any time from the settings page. Upon deletion, your encrypted credentials and all associated data are permanently deleted from our systems within 30 days.

We may suspend or terminate your account immediately and without notice if you violate these Terms, engage in fraudulent activity, or if we reasonably believe continued access poses a security risk. We will make reasonable efforts to notify you after the fact.

We reserve the right to modify, suspend, or discontinue any part of ShieldNode at any time. For material changes that affect paid subscribers, we will provide at least 30 days notice by email. Your continued use after changes take effect constitutes acceptance.

These Terms are governed by the laws of the State of Delaware, United States, without regard to its conflict of law principles.

Any dispute arising from these Terms shall first be attempted to be resolved through informal negotiation. If not resolved within 30 days, disputes shall be submitted to binding arbitration in Delaware under the rules of the American Arbitration Association (AAA), except that either party may seek injunctive relief in a court of competent jurisdiction.

You waive any right to participate in a class action lawsuit or class-wide arbitration against ShieldNode.

• Entire Agreement — These Terms, together with the Privacy Policy and Cookie Policy, constitute the entire agreement between you and Dorunaitsu LLC regarding ShieldNode.
• Severability — If any provision of these Terms is found invalid or unenforceable, the remaining provisions remain in full force.
• No Waiver — Failure to enforce any provision of these Terms does not constitute a waiver of that provision.
• Assignment — You may not assign your rights under these Terms. We may assign our rights in connection with a merger, acquisition, or sale of assets.

For questions about these Terms: