Decoy sits between you and frontier models. Sensitive details are swapped for opaque tokens before they leave your device, so the model can do its work without ever seeing what's underneath.
The Problem
The customer list. The salary review. The patient cohort. The deal pipeline. The board pack. The contracts. The data worth analysing is exactly the data you can't send.
So you work around it. Strip columns. Rename clients. Paste a sanitised version and hope the rest is enough. The reasoning is right there. Your data can't get to it.
The Idea
Decoy dehydrates your data before it leaves the device. The cloud reasons over the dry version. Your machine rehydrates the answer locally, with the real values restored. The model gets the problem. Your data stays where it belongs.
How It Works
The left is yours. The right is what crosses the network. The mapping below is the difference, and it never leaves your browser.
Acme Corp bought 4,200 units in Q3 at $89 per unit. Their account manager Sarah Chen reports they're considering doubling their order in Q4. Forecast revenue and flag risk.
[C_8847] bought [N_2201] units in [P_03] at [N_2202] per unit. Their account manager [P_4419] reports they're considering doubling their order in [P_04]. Forecast revenue and flag risk.
What This Does
The cloud model never sees a name, a number, a customer, or a salary. The mapping is held in your browser memory and destroyed when you end the session. It's not "we promise we won't look." It's "there is nothing for anyone to look at."
LLMs are unreliable at arithmetic. Decoy doesn't ask them to do it. The cloud plans the analysis. Your machine computes it. Every formula is visible, every input is auditable. You can show your CFO the working.
You stop stripping the columns. You stop renaming the clients. You stop pasting the sanitised version. The architecture handles what the workaround was for.
What It's For
Decoy is for people who treat their data as theirs. Whether that's a patient cohort, a customer book, a salary review, or a deal pipeline, if it would be inappropriate to paste into a cloud chat, it's the data Decoy is built for.
What it does today: analytical work on structured data. Forecasting, comparison, ranking, aggregation, variance, cohort summary. The kind of question you'd otherwise put in front of Excel, but you'd rather ask the way you'd ask a smart colleague over Slack.
What it doesn't do yet: free-text generation, document summarisation, conversational AI. The architecture splits planning from execution, which fits analytical tasks cleanly. Other shapes of work are on the roadmap. Different problem, different design.
Where It Fits Today
Why Trust Decoy
"Trust us" is the weakest possible promise. Decoy doesn't make it.
Sensitive values are dehydrated locally before the prompt leaves your device. The mapping between tokens and real values is held in your browser and destroyed when the session ends. The cloud sees structure. Your machine rehydrates the answer using the real numbers. Network logs show exactly what was sent and what wasn't. You bring your own API key. Your chosen provider's terms apply. Decoy doesn't intermediate.
The architecture is the trust signal. The product would not work if the architecture broke.
Early Access
Decoy is in private alpha. We're letting people in slowly because each early customer shapes what gets built next. We're looking for finance leads, operators, analysts, and teams working with sensitive data on a regular basis. People who'd actually use this and tell us where it's wrong.
If that's you, send a note. Tell us what you do, what you'd reach for it on, and what you'd want it to do that it probably doesn't yet. We read everything. We reply fast.
Built in Sydney. Working in public.