AI Chat

What it is

AI Chat is a right-edge sidebar in the new tab page that lets you chat with large language models from OpenAI, Anthropic, and Google Gemini. You bring your own API key; New Tabber never proxies your traffic.

Bring your own key

Open AI Chat → Providers tab → pick a provider → Configure. Paste the API key you generated at the provider's console. Links to each console are inside the modal.

• OpenAI: platform.openai.com/api-keys
• Anthropic: console.anthropic.com/settings/keys
• Google Gemini: aistudio.google.com/app/apikey (free tier available)

Where your keys live

By default, keys stay in memory only and disappear when you close the browser. You have three options:

1. Session only — nothing persisted. Re-paste keys each browser session.
2. Encrypted with a password — your keys are encrypted with a password you set and stored in chrome.storage.sync. The password is never stored. You re-enter it once per session (or check "Remember on this device").
3. Encrypted + remembered — the derived AES key (not the password itself) is cached in localStorage, so New Tabber can auto-unlock on next session. This convenience trades some security: anyone with access to this browser profile can decrypt your keys.

Encryption details

New Tabber uses a standard two-layer flow built on Web Crypto:

1. Password → key: PBKDF2-SHA256, 210,000 iterations, random 16-byte salt, derived into a 256-bit AES-GCM key.
2. Key → ciphertext: AES-GCM with a random 12-byte IV encrypts the JSON-encoded key set.

The encrypted blob (salt + IV + ciphertext) is stored in chrome.storage.sync. The password itself is never written to disk. If you enable Remember on this device, only the derived AES key (already useless without the encrypted blob) is cached in localStorage.

No recovery: if you forget your password and haven't enabled remembering, you'll need to paste your API keys again. There's a "Forgot — clear saved" button that wipes the encrypted blob so you can start fresh.

Chat history

Conversations are stored in your browser's IndexedDB (database: new-tabber-chat). History is local only — not synced across devices, not uploaded anywhere. Threads auto-title themselves after the conversation reaches a small token threshold, using the same model you're chatting with.

Model configuration

Each provider exposes many models; by default all are shown. In the provider's config modal you can:

• Filter which models appear in the chat dropdown (select-all / deselect-all helpers).
• Set a default model per provider — used whenever you start a new chat.
• Refresh the model list from the provider's API at any time.

A rough price-tier badge (Free, $, $$, $$$, $$$$) sits next to each model. These are name-pattern heuristics; check the provider's pricing page for actual rates.

Network

Chat requests go directly from your browser to the provider (OpenAI, Anthropic, Google). New Tabber has no server component. The extension declares explicit host_permissions for api.openai.com, api.anthropic.com, and generativelanguage.googleapis.com — nothing else.

Cost

You pay the provider directly. The extension is free. Gemini offers a generous free tier; OpenAI and Anthropic are pay-per-token. Keep an eye on your dashboards.