Hive Ledger™ — the convenience layer for signed receipts

A searchable index for every signed action.

Start Receipting Now → Run a free model receipt Receipt any action

Run a signed receipt, then find it indexed and searchable right here. The ledger is the convenience layer; each row points back to a receipt that verifies on its own.

Hive Ledger™ is the searchable receipt index for AI actions, model calls, agent tasks, x402 payments, API workflows, and human-origin attestations. Each indexed row points back to a Hive Receipt that verifies on its own — canonical bytes, a SHA-256 hash, an Ed25519 signature, a published public key, and a public verifier. The ledger makes those receipts discoverable, searchable, and auditable. It is not required to trust them.

The one rule that matters

The ledger is convenience. The receipt is proof. Verification is portable: a receipt carries everything needed to check it offline — canonical bytes, hash, signature, and public key — verifiable by any party with no required call back to Hive. The ledger helps you find and audit receipts; it never sits between you and the truth of one.

— The big distinction

The ledger is convenience. The receipt is proof.

Convenience layer

Hive Ledger™ — index & discovery

  • Searchable index across every receipted event type
  • Query, filter, and paginate by sequence, event type, and time
  • Aggregate summaries for audit and reconciliation
  • Points at receipts — it does not replace or gate them
  • Optional: if the ledger is unreachable, receipts still verify
Proof layer

Hive Receipts — portable proof

  • Canonical bytes + SHA-256 hash bind the exact content
  • Ed25519 signature verifies against a published public key
  • Checkable offline by any party — re-verifiable later
  • No required call back to Hive to establish trust
  • Attests the operation, never a verdict on correctness
— Architecture

From event to portable proof — the ledger sits to the side.

Trace one event through the pipeline. Proof is established at the offline verifier (green). The ledger index and any anchor / mirror are convenience and durability — additive, never on the trust path.

Event lifecycle
1 · Event
An AI action, model call, agent task, x402 payment, or attestation happens.
source
2 · Canonical payload
Fields are serialized to a single canonical byte encoding.
deterministic
3 · Hash
SHA-256 over the canonical bytes binds the content.
sha-256
4 · Signature
Ed25519 signs the receipt against the issuer key.
ed25519
5 · Offline verifier
Proof. Any party checks bytes, hash, signature, and key — no Hive call needed.
portable
6 · Ledger index
The verified receipt is indexed for search, discovery, and audit.
convenience
7 · Anchor / mirror
Optional durability: transparency-log root, customer mirror.
additive
Idle — press “Trace an event”. Proof is established at step 5, before indexing.
— Product modules

What Hive Ledger gives you.

Each module is tagged by what is live today versus next-stage or enterprise. Nothing here is required to verify a receipt — every module is built on top of portable proof.

Receipt Explorer

Index API live

Browse, page, and inspect indexed receipts across every event type. The read API is live today; a fully embedded, browsable UI inside third-party apps is next-stage.

GET /v1/receipts · GET /v1/receipts/summary

Public Verifier

Live

Verify any receipt against the published Ed25519 public key. Free, and the proof is portable — the same check runs offline with no call back to Hive.

GET /v1/receipts/pubkey · GET /v1/receipts/verify/{seq}

x402 Payment Ledger

Live

Every x402 event becomes its own receipted row — real payment_required metadata on quote and emit. x402 is the only payment rail.

POST /v1/x402/quote · POST /v1/receipt/emit

Agent Action Ledger

Live

Agent-task receipts across registered adapters (Manus configured today). Index a full route as a chain of signed receipts. See Agent Trip.

GET /v1/agent-receipts/adapters

Transparency Anchors

Ed25519 log live

A signed, append-only Merkle accumulator — Ed25519-signed roots across canonical provenance domains, live today. External public / blockchain anchoring is next-stage; post-quantum ML-DSA roots are reserved for a future algorithm epoch.

GET /v1/accumulator/policy · GET /v1/accumulator/receipts/root

Audit Bundle Export

Next-stage

Today you can assemble an audit bundle yourself from the public index plus the offline verifier — each receipt is self-contained. A one-click signed bundle export endpoint is next-stage.

Build from /v1/receipts + offline verify · one-click export = next-stage

Customer Ledger Mirror

Enterprise · next-stage

Per-tenant portal ledger read is live today. A fully customer-hosted, self-hosted mirror you run in your own infrastructure is an enterprise / next-stage capability — not live yet.

GET /v1/portal/{tenant}/ledger (read, live) · self-hosted mirror = enterprise

Embedded Explorer

Next-stage

A browsable receipt explorer embedded natively inside your own app or a partner surface. The read APIs exist today; the drop-in embedded UI is next-stage.

Built on /v1/receipts · embedded UI = next-stage
— Live today vs next-stage

Exactly what is real right now.

Live today
  • Receipt index & summary — searchable ledger read API
  • Public key & public verifier — portable, offline-checkable
  • Model receipts — signed proof for model calls
  • x402 quote & receipt emit — real payment_required
  • Agent-task receipts — registered adapters (Manus)
  • Signed Ed25519 Merkle transparency log — accumulator roots
  • Per-tenant portal ledger read · activation keys
Next-stage / enterprise
  • External public / blockchain anchoring of roots
  • Fully customer-hosted, self-hosted mirror
  • Embedded browsable explorer inside third-party apps
  • One-click signed audit-bundle export endpoint
  • Post-quantum ML-DSA signature roots (future epoch)
Guardrail we hold to

We do not claim public blockchain anchoring is live — the live transparency log is a signed Ed25519 Merkle accumulator, and external public anchoring is next-stage. We do not claim a fully customer-hosted mirror is live — per-tenant portal read is live; self-hosting is enterprise / next-stage. And the ledger is never required to verify a receipt.

— Live ledger

Read the index, live.

Read-only. This pulls the public ledger summary from receipts.thehiveryiq.com directly — numbers reflect current state. If the endpoint is briefly unreachable, the widget says so rather than inventing data.

Open raw JSON
Idle — press “Load ledger summary”.
Indexed entries
Next sequence
Event types indexed
Signing algorithm
Public key
— Developers

Call it yourself.

All read/verify endpoints below are live today against https://receipts.thehiveryiq.com. Verification is free and portable — the public key lets you check a receipt offline, with no call back to Hive.

Public key — verify receipts offline (Ed25519) curl https://receipts.thehiveryiq.com/v1/receipts/pubkey
Ledger index — list receipts (searchable, paginated) curl 'https://receipts.thehiveryiq.com/v1/receipts?limit=5'
Ledger summary — aggregate counts by event type curl https://receipts.thehiveryiq.com/v1/receipts/summary
Verify a receipt by sequence — returns the verification result curl https://receipts.thehiveryiq.com/v1/receipts/verify/13100
Model receipt — receipt a live model call curl -X POST https://receipts.thehiveryiq.com/v1/model-receipts/run \ -H 'Content-Type: application/json' \ -d '{"provider":"mistral","model":"leanstral-1-5","prompt":"State the theorem add_comm for Nat."}'
x402 quote — real payment_required metadata (x402 is the only payment rail) curl -X POST https://receipts.thehiveryiq.com/v1/x402/quote \ -H 'Content-Type: application/json' \ -d '{"sku":"receipt.emit"}'
Agent action ledger — registered agent-task adapters curl https://receipts.thehiveryiq.com/v1/agent-receipts/adapters
Transparency log — signed Ed25519 Merkle accumulator policy + root curl https://receipts.thehiveryiq.com/v1/accumulator/policy curl https://receipts.thehiveryiq.com/v1/accumulator/receipts/root

Start with one signed receipt.

The fastest way to understand the ledger is to put one receipt in it. Run a paid receipt over x402, test a model receipt, or request an activation key — then watch it appear in the index and verify it portably.