Upload your API keys, feature flags and live-ops config to the Kiskis vault. We'll only hand them over to genuine, non-jailbroken iPhones — verified in hardware by Apple's Secure Enclave.
Drop keys into the dashboard, or ship them from CI with kiskis upload. Encrypt client-side if you want us to hold only ciphertext.
Swift Package Manager adds the SDK. Point it at your team & config key. No build-phase scripts, no Info.plist gymnastics.
On launch, Kiskis hands keys to attested devices only. Cached in Keychain, refreshed via silent push. Bots, emulators and jailbreaks get a polite 403.
Kiskis is Approov-grade attestation, LaunchDarkly-style flags, and a secret vault — in a single Swift package priced for people who ship alone.
Every request is signed by Apple's Secure Enclave via App Attest. No attestation, no payload. Emulators, jailbreaks and cracked IPAs are rejected before bytes leave the edge.
Encrypt locally, upload ciphertext, sleep at night. The decryption key never leaves your binary. Not our engineers, not a subpoena, not the math — none of us can read it.
Progressive rollouts, kill switches, A/B variants, version targeting. Tune drop rates and event timers without a TestFlight build. Silent-push sync propagates in seconds.
Ship v3 to v3-only. Keep v2.x on the old endpoints until you're ready to sunset.
Encrypted Keychain cache, background refresh, configurable staleness — works on the subway.
Revoke any key or config in minutes. Compromised build goes dark instantly.
CLI + GitHub Action. kiskis upload --file config.json from your pipeline.
Stripe or RevenueCat webhook tells us who paid. We deliver the Pro content — only to attested devices.
Cracked IPAs can't pass App Attest. Piracy goes from "script kiddie" to "dedicated reverse engineer."
Separate economy, events, difficulty docs, each role-gated. No PlayFab pricing.
kiskis.deviceInfo().firstSeen. Build trial logic with no backend of your own.
Every change archived, diffable, instantly rollbackable.
Propagate new flags across a user's devices in seconds, not minutes.
Send or broadcast APNs from any server. push:send, push:broadcast, push:status — no APNs certs to manage.
GET/PUT/DELETE /users/:id/data. Store profile, entitlements, progress — attested reads on device, webhook writes server-side.
We can't read your secrets. Not our engineers, not a hacker, not a court order. The math won't allow it.
Zero-knowledge mode · optional · one flag
LaunchDarkly-style flags, Approov-style attestation, and a secret vault — at roughly a tenth of the price. No seat minimums, no sales call.
| Kiskis | LaunchDarkly | Firebase RC | Approov | |
|---|---|---|---|---|
| Starter price | $0 · Indie $29/mo | $200+/mo | Free (lock-in) | ~$500/mo |
| Secret vault | ● Built-in | — | — | — |
| Feature flags | ● Yes | ● Yes | ● Yes | — |
| Progressive rollouts | ● Yes | ● Yes | ◐ Limited | — |
| Hardware attestation | ● Yes | — | ◐ App Check | ● Yes |
| Zero-knowledge | ● Yes | — | — | — |
| Vendor lock-in | ● None | ● None | ● None | |
| Open-source SDK | ● Yes | — | ◐ Partial | — |
| Setup | 5 lines Swift | SDK + rules | Firebase project | Complex SDK |
All features on every tier. Pay for the scale of your users, not the feature set. We won't break your production app as a billing lever.
For prototypes and hobby apps.
For side hustles shipping real products.
For startups with real overhead.
Serious traffic, boardroom-level insurance.
Volume pricing, dedicated support.
60 seconds to integrate · free forever for small apps