If you sell tokens, route inference, or operate an AI gateway, your regulated customers are already asking the question: can you prove this response wasn’t tampered, can you prove it was generated for our tenant, can we audit without trusting you? Building that yourself is a year and a PQ team. White-label HiveWidget. Every signed call carries partner_id=you. Revenue share is a SQL query against signed certs, not a quarterly reconciliation call.
The deals you lose today aren’t about tokens-per-second. They’re about auditability. CISO closes the tab. Procurement returns the contract with redlines you can’t answer. HiveWidget is the answer.
FIPS 204 ML-DSA-65 is on the federal post-quantum roadmap. Regulated buyers will ship a procurement question on PQ cryptography inside 12 months. You can ship the yes today, with your logo on it.
Implementing ML-DSA-65 correctly — canonical serialization, tenant key management, public verify, hash re-derivation — is a senior team for a year. We have it in prod, FIPS-conformant, today.
HiveWidget is not an inference pipe. It runs on the customer’s side, after your LLM returns. Your TTFT story is unchanged. Your provider competitive position is unchanged. You just gained a compliance moat.
Honest comparison. We’ve been head-down on this for months. The reason we’re a wedge is that the wedge is real.
| Capability | Build in-house | White-label HiveWidget |
|---|---|---|
| FIPS 204 ML-DSA-65 implementation | 6–12 months, senior crypto eng | In prod today |
| Per-tenant key management + DID binding | Custom infra, KMS integration, audit | Built-in, <1ms lookup |
| Canonical payload serialization | Subtle, breaks under edge cases | Stable, prod-tested |
| Public verify endpoint, no shared secret | Design + security review | POST /v1/amplify/verify |
| Domain-dictionary token compression | Curated dictionary, reversibility proofs | 25–78% on dense prompts |
| Output-side enrichment from tenant corpus | RAG + isolation + provenance — year of work | AMPLIFY stage, signed |
| Tamper-proof partner attribution | Not a thing anyone has shipped | partner_id bound in payload |
| JS + Python SDKs, provider-agnostic | Multi-language support, ongoing | @hivery/amplihive, amplihive |
| IP coverage | You’d be infringing ours | Licensed via reseller program |
List price: $0.06 per 1M signed calls. Default partner share: 30%. Negotiable up to 60% on volume commitments. Slide it. Type your own.
partner_id=you. Share is provable in SQL, not promised in a deck.Pick the one that matches your surface area. Same cert at the end, same partner attribution, same revenue accounting.
Your customers npm i @hivery/amplihive (or pip install), pass partnerId: "you" as a constructor option. We host a co-brand page on thehiveryiq.com pre-wired to your partner_id. Fastest start.
Your customers npm i @your-org/verify. Same widget under the hood, your namespace on top. We co-brand the install docs in your developer hub. Pricing reflects branding commitment.
For AI Gateway, AI proxy, agent platform: integrate the widget call inside your gateway response handler. Every response that flows through you returns with a cert. Tile in your dashboard surfaces verified-inference stats.
For Cloudflare Workers, Fastly Compute, Vercel Edge, Deno Deploy: a thin native binding that calls our verify-signing service. Sub-millisecond binding overhead, signing still ~60ms ML-DSA-65.
One conversation. We spin up /partners/<you>/ with your partner_id pre-wired, your customer story in the hero, your model names in the install snippet. You see a live demo within a day.
You pick two regulated customers from your book. We onboard their tenant DIDs. They install the widget. Every response from your inference, through their app, returns with a signed cert. Their compliance team verifies independently.
You post on X. We amplify. Your developer docs add the “Verified Inference” section. Reseller revenue starts flowing on every signed call carrying your partner_id. Public verify endpoint becomes the audit anchor for the relationship.
PQ-ready procurement language is hitting RFPs now. The first inference provider to ship a verified-inference attach owns the “trustworthy AI” narrative for their category. Once two large providers ship it, it’s table stakes and the differentiation evaporates.
Lin Qiao’s recent “TSMC of AI” framing pairs natively with this. Cloudflare’s zero-trust narrative pairs natively with this. Whoever announces first writes the category vocabulary.
We bring the cryptography credibility (FIPS 204, Patent Pending, public verify). You bring the inference brand. Together we close regulated buyers that neither closes alone.
amplify: false; certs still issue.Sign a real (prompt, response). Watch the cert come back with your partner_id inside. Tamper it. Signature breaks. That’s the demo.