Summary

Tavily Hikari is a Rust/Axum proxy designed to manage multiple Tavily API keys, anonymize upstream traffic, and provide comprehensive audit logging. It targets developers and power users needing robust control and visibility over Tavily MCP endpoint interactions, offering key pooling, security enhancements, and a real-time web console.

How It Works

Built with Rust (2024 edition), Axum, and SQLite, it employs a key pooling strategy using least-recently-used (LRU) selection and last-used timestamps for balanced load distribution. API keys are obfuscated with short IDs, and traffic is anonymized via header manipulation. A React/Vite frontend provides an operator UI for monitoring key health, request logs, and performing administrative actions.

Quick Start & Requirements

Installation via Cargo (cargo run) or Docker (docker run ... ghcr.io/ivanli-cn/tavily-hikari:latest). Requires Rust toolchain (1.91.0 pinned) and Bun (pinned). Local development involves running the backend and the frontend SPA separately. Docker Compose is also supported. Official documentation is available at ivanli-cn.github.io/tavily-hikari.

Highlighted Details

• Fair key pooling with affinity and LRU fallback.
• Short IDs (nanoid) for keys, with real token isolation.
• HTTP 432 status code triggers automatic key exhaustion marking.
• High-anonymity proxy mode strips sensitive headers.
• Comprehensive audit trail logs requests, responses, and headers in SQLite.
• Operator UI visualizes key status, logs, and admin actions.
• Exposes a Tavily HTTP façade for seamless integration with clients like Cherry Studio.

Maintenance & Community

Continuous Integration via GitHub Actions handles linting and testing. Releases are label-driven (e.g., type:patch, channel:stable) and published to GHCR.io. No specific community links or contributor details were found in the provided text.

Licensing & Compatibility

Distributed under the permissive MIT License. Requires the license notice to be retained. Suitable for commercial use, provided the notice is kept.

Limitations & Caveats

Admin APIs require secure authentication (ForwardAuth recommended over built-in login). In-memory admin sessions are volatile and reset on server restart. The proxy is specifically tailored for Tavily's MCP endpoint.