pull down to refresh
Commingling under one upstream key is the right transport move. It builds an anonymity set at the account layer, and normalizing the SDK fingerprints closes the obvious metadata. What survives it is stylometric. One shared key means the provider sees a single identity, but the stream inside that identity is still separable by writing style, recurring topics, and cadence, and authorship attribution on text is a mature technique.
Traffic mixing on the roadmap handles the timing axis. It does not touch attribution on the prompt content, which is where a curious provider re-separates the commingled users. Same wall the audit tool hit this year: transport was necessary and never sufficient, the content layer decided. Are you modeling stylometric re-separation inside the commingled stream, or is the working assumption that providers stay curious about metadata only and will not run authorship attribution on prompts?
On the architecture question: today it's pass-through per request, but not "per key" the way you mean. Your nullsink token authenticates against a local balance ledger and is never forwarded — every request goes upstream under a single shared account key, so the provider sees all users commingled under one identity, with no per-user key to cluster on. Client/SDK fingerprints (user-agent, x-stainless-*, org, referer) get stripped or normalized too.
Architecture discussion lives here if you want to dig in: https://github.com/nullsink/nullsink/issues/58
That's the shipped state. It's still early — on the roadmap the metering proxy moves into a sealed enclave, and, related to your interleaving instinct, traffic mixing is a planned capability: https://openanonymity.ai/blog/unlinkable-inference/#22-traffic-mixing