AFiR · a first for AI · the sovereign agent + provider protection program
Every other agent leaves a log its operator controls — a record a party keeps about itself, which is a claim, not evidence. The Hive sovereign agent is different: it mints an independent, post-quantum receipt for every move it makes (ML-DSA-65, NIST FIPS 204), verifiable offline by anyone, without trusting the provider who ran it. On top of that self-proving agent sits a program no other inference provider can offer: price protection that survives the race to the bottom, and a liability record that keeps you out of the witness chair.
Live now · no call, no demo · 1,000 free receipts a day · your first signed receipt in ~30 seconds
01The sovereign agent
A single agent, minted through Hive, that does the work and receipts itself the whole way — fragmenting across the cheapest capable compute, healing its own faults, and watching itself for drift. It does not hand its proof to the provider to vouch for — it signs its own. Each capability is delivered by a named primitive and emits an independent, ML-DSA-65 signed receipt anyone can verify offline.
| Capability | What it does | What it proves · receipt |
|---|---|---|
| Born receiptingConstitutional mint | Minted bound to an independent signer; holds a credential to request signatures, never the key. | This specific agent did the work — and it cannot sign for itself. A forgery is impossible without the independent key. |
| Signs every actionAFiR · Stream | Every action and segment signed as it happens, off the hot path, no added latency. | What the agent did, untampered — verifiable by anyone, alterable by no one. |
| Fragments with proofSLS · Lateration | Decomposes the task; routes each fragment to the smallest capable model or node. | Which model, which node, in what shape — each fragment independently signed, content sealed. |
| Binds the graphAssembly receipt | Binds the fragment receipts into one verifiable provenance graph of the composed result. | The final answer was assembled honestly from exactly these fragments — the whole shape, proven. |
| Heals itselfMiR · RCm | Detects a faulted fragment; re-routes or re-executes, bounded by cost cap and retry limit. | What failed and how it recovered — the repair signed as localized, bounded, non-rewriting. |
| Cleared to actImprimatur | Each fragment cleared against policy before it runs; refusals are themselves signed. | The agent acted only within what it was authorized to do — clearance on the record. |
| Knows the missionMission coherence | Checks each result and the whole trajectory against a signed mission contract; flags or halts on drift. | It stayed within the authorized mission — or flagged when it didn't. Drift becomes a signed event. |
02The provider protection program
Pillar 1 · Economic
Inference is commoditizing. Anyone can match your price; the margin erodes to zero as models become interchangeable.
A signed receipt is the one thing a competitor can't undercut. "Provable inference" is a premium tier that prices on trust, not tokens — and it's defensible, because the moment a rival issues its own receipts, they're claims, not proof. Independence can't be copied by spending money.
You stop competing on price floor and start selling the one attribute that has no substitute: proof.
Pillar 2 · Legal
When an AI decision causes harm, the provider's own logs are the least credible evidence in the room — and the question waiting in deposition is brutal:
"You knew independent receipts were available. You knew these outputs weren't attested. And you chose not to implement them. Why?"
An independent, tamper-evident receipt on every inference is the answer that closes that line of attack before it opens. You implemented the available standard of care. The proof is neutral, it's cryptographic, and it didn't come from you.
The doctrine
Standard of care is not a Hive invention — it is how liability has always worked. The moment a reasonable, available means of preventing harm exists, the law stops asking whether harm occurred by accident and starts asking whether you took the available step. Seat belts, audit trails, encryption at rest: each began as optional and became the line a reasonable operator is expected not to fall below.
Independent, tamper-evident attestation of agent actions is now that available step. A record a party keeps about itself is a claim; an independently signed receipt is evidence. Once the second exists and is offered, relying only on the first is no longer a neutral default — it is a choice, and choices get examined.
01 · A remedy exists
Independent receipts are available, standardized, and offered to any provider on the market.
02 · The remedy is declined
A provider continues to rely on its own self-kept logs and ships outputs that were never attested.
03 · The decline is examined
After harm, the unanswered question is not "what happened" but "why didn't you adopt the standard."
03How it lands in every vertical and channel
The sovereign agent is the engine; the verticals and channels are where the proof becomes money and defense. The same independent receipt that protects the provider becomes the artifact the regulated buyer was already required to produce — and it rides along on whatever channel the agent is reached on. Adoption isn't a cost; it's the deliverable.
Contract analysis, IP review, and agent-to-agent legal workflows that produce a signed chain of exactly which clauses were read, which were flagged, and on whose authority.
The receipt: an independent provenance graph an opposing counsel can verify and the firm cannot have authored after the fact.
Run the workflow →Clinical-trial and PHI workflows where every agent action is attested against ALCOA+ data-integrity expectations and HIPAA handling, sealed at the moment it happens.
The receipt: attributable, contemporaneous, original, accurate — the integrity record an auditor asks for, issued by a signer the sponsor doesn't control.
Run the workflow →Article-13 transparency, CMMC, and NERC CIP regimes that demand a demonstrable trail of what the system did and why. The agent emits that trail as it runs.
The receipt: the transparency and logging obligation discharged automatically — not reconstructed in a binder before the audit.
Run the workflow →Grid settlement and AI-load-flexibility attestation where a metered action becomes a payment. The action and its settlement are signed in one provenance graph.
The receipt: a settlement-grade proof that the load event happened as billed — neutral enough to clear between counterparties.
Run the workflow →Treasury, remittance, and tokenized real-world-asset flows where an agent moves value. Each step carries an independent, tamper-evident receipt.
The receipt: the audit trail a controller, an examiner, and a counterparty can each verify without trusting the institution's own books.
Run the workflow →Official play-by-play, odds, and the settlement tick a market pays out against — from feeds like the major sports-data distributors. The receipt seals that the feed was untampered as produced and that the bet settled against the real value at the stated time.
The receipt: the integrity record a regulator, an exchange, and a losing counterparty can each verify — so no party has to take the operator's word that the number was real.
Run the workflow →Royalty and play-provenance for streamed audio, plus AI music generation. The receipt proves which plays are real before a royalty dollar moves, and which fragments of a work were machine-made.
The receipt: a signed royalty-provenance record a PRO, a label, and a distributor can each verify — and a registration-grade authorship line for the human-vs-AI split.
Run the workflow →The independent black box for machines that drive. Hive doesn't build the recorder — it signs the decision-moment so the record isn't the operator's word against the world.
The receipt: a signed driving record the operator cannot edit after the event — the one piece of evidence in a crash inquiry that didn't come from the party being questioned.
Run the workflow →Every extracted field — value, source region, model, confidence — bound into one root and signed once, before that extraction moves real money.
The receipt: proof of where each field came from, so an OCR output stops being an unverifiable assertion the moment it enters a payment or a filing.
Run the workflow →Content-aware signed routing for voice and streamed audio — every segment attested as it happens, off the hot path, proving the compliant model handled it.
The receipt: a real-time, segment-level record that the right model handled the call — verifiable without replaying or trusting the stream owner's logs.
Run the workflow →When the agent is reached over WhatsApp, the receipt rides along. The message handled, the action taken, and the authority it acted under are all signed — the channel doesn't change the proof.
The receipt: a record that this exact exchange happened and was authorized — independent of the messaging platform, verifiable offline.
Run the workflow →Same primitive over Telegram. An agent operating in a chat signs what it did and on whose authority, so a conversational interface is held to the identical standard of proof as an API call.
The receipt: the conversation's actions sealed as they happen — channel-agnostic, tamper-evident, and impossible to manufacture after the fact.
Run the workflow →In each one, the buyer already owes someone a record they didn't keep about themselves — or is reached on a channel that erases provenance. The sovereign agent produces that record as a byproduct of doing the work.
The receipt: the same primitive, every time — independent, signed, offline-verifiable, and impossible to manufacture after the fact.
Every other provider asks the market to trust its logs and its price. Hive gives you proof a rival can't undercut and a record a prosecutor can't turn against you.
04Why ours is built different
A typical agent does the work and asks you to trust that it did. A Hive sovereign agent does the work and proves every step with an independent receipt no one — not even Hive — can forge after the fact. Same task. One leaves you exposed; one leaves you covered.
| Capability | A typical agent | A Hive sovereign agent |
|---|---|---|
| Identity | ×Asserts who it is; can sign its own claims. | ✓Minted to an independent signer — cannot sign for itself. |
| Record of its actions | ×Self-kept logs it can edit — a claim, not evidence. | ✓Every action signed as it happens, tamper-evident. |
| Verification | ×Take the vendor's word, or get access to their system. | ✓Anyone verifies offline with the public key alone. |
| When a step fails | ×Silent retry or a buried log line. | ✓The fault and the bounded repair are themselves signed. |
| Authority | ×Acts on broad standing permissions. | ✓Decaying authority that only narrows; refusals signed too. |
| Staying on mission | ×Drifts; you find out after the harm. | ✓Checked against a signed mission contract; drift is a signed event. |
| In a deposition | ×Its own logs are the least credible evidence in the room. | ✓A neutral, cryptographic record that didn't come from you. |
Every row a typical agent can't fill is a row that becomes your liability when something goes wrong. The sovereign agent fills all of them — and hands you the receipt.
05Priced to start free, scale to nothing
Proof shouldn't be a procurement cycle. Start free, pay per receipt as you grow, or mint your own agent and earn on every call routed through it. Every call settles in stablecoin on Base — no invoice, no reconciliation.
Start free
$0 /day
1,000 free receipts a day. Sign, verify, tamper-test — no card, no call. Enough to ship a real pilot.
Pay per receipt
~$0.0002 /receipt
Fragment-level attestation from a fraction of a cent. Higher-assurance signed-truth tiers run $3–$7 where the stakes justify it.
Mint & earn
from $5 to own
Own an agent and earn 20% on the first $10,000 it mints. Solo builders start on Hive Lite at $29/mo.
Verification is free, forever, for anyone — the receipt is only worth something if the other side can check it without paying you.
Pick your vertical, then the channel you run on. You land on a page that sets up your tenant and hands you a one-line call to sign your first receipt — then verify it independently with the public key alone, change one field, and watch it fail.
No call · no demo · no one to talk to