Hive Civilization
The Proof Layer for AIField notes
← all posts
Cryptographic AI Receipts · Explainer

What Cryptographic AI Receipts Are — and Why Inference Needs Proof

A cryptographic AI receipt is signed, independently verifiable proof that an AI inference happened the way it is claimed. Here is what that means, why a log line is not proof, and how anyone can check a receipt without trusting the platform that produced it.

Most AI systems can tell you what they did. Very few can prove it. The gap between the two is where cryptographic AI receipts live.

When a model returns an answer, a routing layer picks a provider, or an agent decides to spend, the record of that event usually lands in a log or a database row the operator controls. That record is a claim. The operator can edit it, lose it, or reconstruct it after the fact, and you have no way to tell. For a demo, that is fine. For anything a buyer, an auditor, or a regulator will later question, a claim is not enough. You need proof.

A receipt is a signed record, not a log line

A cryptographic AI receipt captures the conditions of an AI event — the model, the inputs, the decision, the timing — and binds them into a single record signed with a private key. Anyone holding the matching public key can confirm two things at once: the record was produced by the claimed signer, and it has not been altered by so much as a byte since. Change one character and verification fails.

Three properties make it proof rather than record-keeping:

  • Signed. Hive receipts are signed with post-quantum ML-DSA-65 (NIST FIPS 204), not stored in a table you have to trust the operator not to touch.
  • Verifiable offline. Verification needs only the receipt and the public key. It runs anywhere, any time, with nothing from Hive at check time.
  • Third-party checkable. A counterparty confirms the receipt on their own, without your cooperation and without a login.

Why post-quantum, and why offline

Signatures are only as durable as the math under them. A record you might have to defend in three, five, or ten years should not rest on a scheme a future quantum computer could forge retroactively. ML-DSA-65 is the NIST-standardized post-quantum signature (FIPS 204); signing with it today means a receipt minted now still verifies — and still means something — later.

Offline verification matters for the same reason. If checking a receipt required calling the platform that made it, the platform would still be the arbiter of its own truth. A receipt you can verify with the public key alone removes that dependency entirely. The proof stands on its own.

What a receipt does not claim

A receipt is honest about its scope. It attests what happened — this model, these inputs, this decision, at this time — not whether the output was correct. It will not tell you an answer was true or a decision was wise. It tells you, verifiably, that the event occurred as described and has not been tampered with. That narrow, honest claim is exactly what makes it trustworthy: it never overreaches.

The short version
A cryptographic AI receipt turns "trust us, this is what the model did" into "here is a signed artifact you can verify yourself." It attests conditions, never verdicts — and that is the point.

Where receipts start: inference

Inference is the natural first surface, because it is where AI systems make claims most often and prove them least. Hive's AFiR mints a cryptographic receipt for signed AI inference — and for each sub-step of it — so a model call can be verified after the fact by anyone. From there the same primitive extends to agent actions and to human-origin data, all sharing one verifiable record format.

If you want the full map of the three surfaces — inference, agents, and human data — the Cryptographic AI Receipts overview is the one-page explainer.

See a receipt get made

Start with the overview, then watch AFiR sign a live inference call and verify it in your browser.

Cryptographic AI receipts AI inference receipts Signed AI inference ML-DSA-65 Third-party proof for AI AI data provenance