Decoy sits between you and frontier models. Sensitive details are swapped for opaque tokens before they leave your device, so the model can do its work without ever seeing what's underneath.
The Problem
The customer list. The salary review. The patient cohort. The deal pipeline. The board pack. The contracts. The data worth analysing is exactly the data you can't send.
So you work around it. Strip columns. Rename clients. Paste a sanitised version and hope the rest is enough. The reasoning is in the room. Your data is locked outside it.
The Idea
Decoy dehydrates your data before it leaves the device. The cloud reasons over the dry version. Your machine rehydrates the answer locally, with the real values restored. The model gets the problem. Your data stays where it belongs.
Watch It Work
A worked example using a synthetic but realistic sales spreadsheet. The whole thing in 60 seconds.
The cloud saw structure, not values. The local engine rehydrated the answer using the real numbers. On this question, the cloud's reasoning was wrong, it picked the wrong account as highest-risk. Decoy caught it because the maths was running against ground truth, not against a guess. Privacy was the goal. Better answers were the surprise.
What This Does
The cloud model never sees a name, a number, a customer, or a salary. The mapping is held in your browser memory and destroyed when you end the session. It's not "we promise we won't look." It's "there is nothing for anyone to look at."
LLMs are unreliable at arithmetic. Decoy doesn't ask them to do it. The cloud plans the analysis. Your machine computes it. Every formula is visible, every input is auditable. You can show your CFO the working.
You stop stripping the columns. You stop renaming the clients. You stop pasting the sanitised version. The architecture handles what the workaround was for.
What It's For
Forecasting, comparison, ranking, aggregation, variance analysis, cohort summary, simple statistical work. The kind of question you'd otherwise put in front of Excel, but you'd rather ask the way you'd ask a smart colleague over Slack.
Decoy isn't for free-text generation. It isn't for code review. It isn't for conversational AI. It's for the spreadsheet you're not supposed to upload.
Where It Fits
Why Trust Decoy
"Trust us" is the weakest possible promise. Decoy doesn't make it.
Sensitive values are dehydrated locally before the prompt leaves your device. The mapping between tokens and real values is held in your browser and destroyed when the session ends. The cloud sees structure. Your machine rehydrates the answer using the real numbers. Network logs show exactly what was sent and what wasn't. You bring your own API key. Your chosen provider's terms apply. Decoy doesn't intermediate.
The architecture is the trust signal. The product would not work if the architecture broke.
Early Access
Decoy is in private alpha. We're letting people in slowly because each early customer shapes what gets built next. We're looking for finance leads, operators, analysts, and teams working with sensitive data on a regular basis. People who'd actually use this and tell us where it's wrong.
If that's you, send a note. Tell us what you do, what you'd reach for it on, and what you'd want it to do that it probably doesn't yet. We read everything. We reply fast.
Built in Sydney. Working in public.