Logic aside, BYO API key rarely works because of this. Even when Google goes through the effort of checking all of these for trojans. It has to go through an API and you charge for that usage. Or there's some other charge to build trust - even scammers make you pay a little at first and then refunds the money.
The key is CLIENT SIDE. It’s still SECRET only to YOU and GOOGLE.
It’s stored in SYNC STORAGE in YOUR BROWSER.
Check the network tab, nothing is LEAKED.
| simplicity and freedom | openness and sincerity
Lol