Carnac™ · two packages

Every AI answer should come with proof.

There are two places proof can live: inside the request where it begins, and at the door where it arrives. We built both.

Most teams use both. Start with where your AI lives.

Proof Inside labels the request where it begins. Proof at the Door countersigns it where it arrives. Together they create one receipt pair.

I ship AI-powered products

apps, copilots, agents, voice, devices

Proof Inside the window.
CarnacPrompt™Proof Inside · born labeled

I operate AI infrastructure

model APIs, inference endpoints, clouds, data centers

Proof at the Door.
Carnac Gateway™Proof at the Door · arrived countersigned
Or use both →
Label the request at birth and countersign it on arrival. You get one receipt pair per answer, so disputes about "what was sent vs. what was served" simply end.

CarnacPrompt™ · Proof Inside

for teams that ship products · born labeled

Your product has a request surface: a chat box, a voice command, a "book it for me" button. CarnacPrompt™ puts a signed, third-party receipt on every answer, believable precisely because it is not yours.

1 · Say what you builtOne line naming the surface: a booking app, a car, a pump. That is the whole setup.
2 · Every request gets stampedWho asked, which model, what rules, signed in microseconds. The answer never waits.
3 · Your product wears the markA padlock customers can check themselves, offline, without trusting you or us.
Scroll code →
Carnac.init({ key: "int_9f2a...", origin: "booking-app" })  // one line, once
Live core, customer integration required

Carnac Gateway™ · Proof at the Door

for teams that run infrastructure · arrived countersigned

Everything is heading to your building: questions from desktops, cars, hospitals, and other machines. Today they all look identical, and you cannot tell them apart, price them apart, or prove any of it. The Gateway countersigns everything that walks in.

1 · One filter at your doorDrops into the gateway you already run. Sub-millisecond countersign cost, measured. Never blocks anything.
2 · Every arrival countersignedLabeled traffic gets full grades. Unlabeled still gets a receipt, floored honestly, never refused.
3 · You finally see your demandSimple vs. critical, deferrable vs. cannot-wait, per answer, in real time. Billable. Insurable. Provable.
Scroll code →
app.use(carnacGateway({ facility: "wy-dc-01" }))  // fail-open · sub-ms countersign
Live core, customer integration required
See the v4 economics →

Where the packages sit

What one receipt pair looks like

One answer, signed twice: once at birth, once on arrival. This is a labeled example so you can read the shape. The values are illustrative, not real signatures.

Synthetic example

Origin label

CarnacPrompt™ · Proof Inside · born labeled
request
"book the 9am flight to Denver"
origin
booking-app
request_hash
0x7f3ac9d1e208
alg
ML-DSA-65 · FIPS 204
origin_sig
a91f4b...e772 (3309 bytes)
Synthetic example

Arrival countersignature

Carnac Gateway™ · Proof at the Door · arrived countersigned
facility
wy-dc-01
covers request_hash
0x7f3ac9d1e208
grade
critical · cannot wait
alg
ML-DSA-65 · FIPS 204
arrival_sig
6b02d8...1f4c (3309 bytes)

How they link. The pair is parallel: two independent signatures over the same answer, not one wrapped inside the other. The arrival countersignature names the same request_hash the origin label signed, so a verifier can confirm both marks describe one answer.

Why a verifier can trust it. Each signature is checked offline against a published ML-DSA-65 public key. No trust in Hive is required. If either mark were altered, the check fails.

What it settles. When the origin label and the arrival countersignature agree, the dispute about "what was sent vs. what was served" is over. When they disagree, the mismatch is visible and provable, never a silent verdict.

Born labeled · Arrived countersigned · One receipt pair per answer