Platform

The substrate beneath every AI transaction.

Hive sits between the agent that issues a model call and the operator that fulfills it. Every transaction passes through one signed envelope: request authored, policy applied, route resolved, receipt issued, settlement closed. The envelope is portable. The route is inspectable. The receipt is verifiable offline.

Neutral by charter · Cryptographic by construction · Routable across jurisdictions
ENVELOPE · Request → Policy → Route → Receipt → Settle · Signed at every hop · No silent fallback

Architecture

Five steps. One envelope. Every AI transaction.

Each step writes one or more fields into the receipt. The receipt is the system of record — not a database row, not a log line. If a step cannot be signed, the call does not proceed.

01 / REQUEST

Authored

The agent issues a call signed against its identity anchor. Origin jurisdiction, declared purpose, and policy hash are pinned at write time.

02 / POLICY

Applied

The requester’s routing policy is evaluated against jurisdiction, hardware, and settlement constraints. No match, no route.

03 / ROUTE

Resolved

A compliant operator is selected. The operator co-signs region, training-region, and hardware-class fields before compute begins.

04 / RECEIPT

Issued

An Ed25519-signed, SHA-256-anchored envelope is emitted, including the request hash, response hash, and all provenance fields.

05 / SETTLE

Closed

USDC on Base settles between requester and operator on a permissible chain. The settlement hash is bound to the receipt.

Architecture · one line

Rosetta translates. Prospector qualifies. HKTN contextualizes. RubricMesh selects the proof tier. Spectral-ZK proves (well-formedness, pilot). SMSH seals (sample envelopes, pilot). SHOD signs (classical Ed25519 live; PQ slot reserved). Hive-PQ preserves high-retention evidence when the transaction demands it.

Most agentic commerce runs on Hive Standard — fast, verifiable, economically efficient. Regulated, long-retention transactions can opt into Hive-PQ, the premium post-quantum-ready evidence mode. Standard for speed. PQ for permanence. The highest assurance tier — Wave-Lattice (ML-DSA-65 · ML-KEM-768 · 6-axis MAPET, CAVP-PASS) — runs as live infrastructure for transactions where post-quantum agent identity and settlement integrity are non-negotiable.

The receipt envelope

One artifact. Every regulator. Every region.

A Hive receipt is a self-contained record. It travels with the transaction, can be re-verified by any third party offline, and is structured for export into existing audit and supervisory systems.

// hive-receipt-v1 (illustrative shape)
{
  "receipt_id": "rcp_01HZ…",
  "request":    { "hash": "sha256:…", "origin": "SG", "purpose": "production" },
  "operator":   { "entity": "…", "region": "eu-west-1", "training_region": "eu" },
  "hardware":   { "class": "export-cleared", "attestation": "…" },
  "response":   { "hash": "sha256:…", "sealed": "AES-256-GCM" },
  "settlement": { "chain": "base", "asset": "USDC", "tx": "0x…" },
  "signatures": {
    "requester": "ed25519:…",
    "operator":  "ed25519:…",
    "hive":      "ed25519:…"
  }
}

  • Portable. The receipt is a single file, verifiable without contacting Hive.
  • Verifiable. Three signatures: requester, operator, and Hive co-signer.
  • Inspectable. Sealed payloads support ViewKey-gated review by named auditors, regulators, and compliance teams without exposing plaintext to operators. The signed manifest layer is LIVE; the ViewKey grant flow ships under the regulated tier.
  • Routable. Provenance fields are enforced before compute, not asserted afterward.

Routing engine

Policy decides the route. Not the platform.

Routing rules are declared by the requester, signed into the call, and enforced before compute. Hive does not pick a destination for commercial reasons. If no operator matches the policy, the route is denied.

// requester routing policy (illustrative)
policy {
  origin_allowed:   ["EU", "SG", "US"],
  operator_region:  ["eu-*", "ap-southeast-*"],
  training_region:  "must_match_operator_region",
  hardware_class:   "export-cleared",
  settlement_chain: ["base"],
  sealed_payload:   "required",
  on_unmatched:     "deny"   // never silently downgrade
}
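
Deny-by-default evaluation of the illustrative policy above, as an added example that is not Hive's code. The operator record fields (`entity`, `chains`, `sealed`), the glob matching, and the reading of `must_match_operator_region` as "training region equals the operator region's leading component" are assumptions made for illustration.

```python
from fnmatch import fnmatchcase

# Values copied from the page's illustrative policy
POLICY = {
    "origin_allowed": ["EU", "SG", "US"],
    "operator_region": ["eu-*", "ap-southeast-*"],
    "training_region": "must_match_operator_region",
    "hardware_class": "export-cleared",
    "settlement_chain": ["base"],
    "sealed_payload": "required",
    "on_unmatched": "deny",
}

def violations(policy, origin, op):
    # Returns the names of the policy fields this operator fails (empty = compliant)
    region = op.get("region", "")
    checks = {
        "origin_allowed": origin in policy["origin_allowed"],
        "operator_region": any(fnmatchcase(region, p) for p in policy["operator_region"]),
        # Assumption: "eu-west-1" requires training_region "eu"
        "training_region": op.get("training_region") == region.split("-")[0],
        "hardware_class": op.get("hardware_class") == policy["hardware_class"],
        "settlement_chain": bool(set(op.get("chains", [])) & set(policy["settlement_chain"])),
        "sealed_payload": bool(op.get("sealed")),
    }
    return [name for name, ok in checks.items() if not ok]

def resolve(policy, origin, operators):
    # Route only to a fully compliant operator; never relax a constraint to find one
    if policy.get("on_unmatched") != "deny":
        raise ValueError("refusing a policy that permits fallback on no match")
    reasons = {}
    for op in operators:
        failed = violations(policy, origin, op)
        if not failed:
            return {"decision": "route", "operator": op["entity"]}
        reasons[op["entity"]] = failed
    return {"decision": "deny", "reasons": reasons}

# Constructed operator records (hypothetical names and fields)
OK = {"hardware_class": "export-cleared", "chains": ["base"], "sealed": True}
OPERATORS = [
    {"entity": "op-a", "region": "us-east-1", "training_region": "us", **OK},
    {"entity": "op-b", "region": "eu-west-1", "training_region": "us", **OK},
    {"entity": "op-c", "region": "eu-west-1", "training_region": "eu", **OK},
]
```

The per-operator failure list in a deny result is what an auditor would want recorded alongside the refused request.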

The platform supports restricted-geography exclusion at routing time. The active list is governed by U.S. and allied export-control and sanctions regimes and is updated as those regimes change. See Compliance for the current policy reference.

ViewKey · Sealed inspection · PILOT

Inspect without exposing.

Sensitive payloads are sealed with AES-256-GCM at the operator. A ViewKey grants time-bound, scope-bound, single-purpose decryption to a named reviewer — auditor, regulator, customer compliance team — without giving the operator or Hive plaintext access. Sealing and signed manifests are LIVE in production; the ViewKey grant flow ships under the regulated tier.

  • Per-receipt key, never reused across transactions.
  • ViewKey grants are themselves signed receipts — every disclosure is itself auditable.
  • No envelope-level operator key. No master key. No silent decryption path.

Settlement

Cleared on rails the system already trusts.

Hive settles between requester and operator in USDC on Base, using the Circle-issued contract already in production at major exchanges and enterprises. Hive does not custody funds. Settlement events are pinned into the receipt at close.

LIVE

USDC on Base

Circle-issued USDC, contract 0x8335…02913. Sub-second finality on Base. The same rail enterprises and exchanges already use for stablecoin operations.

ROADMAP

Permissioned chains

Bank-grade and supervisory rails as policy requires. Hive’s settlement layer is chain-agnostic — the constraint is the requester’s policy, not the platform.

Agent hardening layer

The substrate beneath every receipt.

A receipt is the artifact. The hardening layer is the discipline that makes the artifact mean something. Five hardening layers — signed delegation, in-line firewall, reputation gravity, signed memory, behavioral fingerprint — bind every Hive transaction to an envelope its operator has authorized, a counterparty whose trust is measured, and a behavioral baseline drift cannot quietly escape. Status discipline applies: each layer is labeled LIVE or SCHEDULED against today's deployed surface. R3–R10 are LIVE; R11 and R12 are scheduled.

R3 · LIVE

Signed Delegation Envelopes

Every agent acts inside a cryptographically signed envelope: allowed actions, max spend, permitted endpoints, counterparties, jurisdictions, surfaces, proof-tier limits, expiration, operator co-signature. Out of bounds means the call does not run. Seven public endpoints LIVE: /v1/delegation/issue, check, operator-sign, pubkey, revoke.

issuer: did:hive:delegation-issuer
algorithm: Ed25519
schema: r3.0.0

R4 · LIVE

Hive Tool Firewall

The R3 envelope is enforced in-line on every request. Six decision outcomes: allow, block, sandbox, require operator co-sign, require Hive-PQ, require human approval. Opt-in via a single header. Cosign and approval round-trips are both signed.

trigger: X-Hive-Delegation
outcomes: 6
schema: r4.0.0

R5 · LIVE

HKTN Reputation Gravity

A tiered trust graph — Bronze, Silver, Gold, Platinum, PQ-eligible — on a 0–1000 score with thirty-day rolling decay. Tier loss is asymmetric: easy to lose, slow to rebuild. Routing priority, surface access, and fee multipliers follow tier.

tiers: 5
decay window: 30 days
schema: r5.0.0

R6 · LIVE

HiveMemory Fabric

Signed, scoped, revocable, provenance-bound memory under did:hive:hive-passport. Eight memory kinds across four scopes — private, operator, hive, public. Export bundles are signed end to end and re-attestable by any recipient. Six public endpoints LIVE: write, list, get, revoke, export, policy.

kinds: 8
scopes: private · operator · hive · public
schema: r6.0.0

R7 · LIVE

Spectral Behavior Fingerprint

Every agent has a normal behavioral envelope across eight dimensions: endpoints, spend, counterparties, sizes, proof tiers, jurisdictions, latency, failure rate. Drift is scored on every call. Severe deviation routes to operator co-sign, sandbox, Hive-PQ, alert, or block before settlement. Seven public endpoints LIVE: observe, evaluate, fingerprint, alerts, observations, policy, stats.

dimensions: 8
outcomes: 8
schema: r7.0.0

R8 · LIVE

Hive Agent Checkpoints

Phase-gated, signed checkpoints for long-running regulated workflows. Six canonical phases — intent, normalized, rubric selected, declaration sealed, settlement recorded, archived — advance forward only. Each checkpoint binds the prior signing hash, so the chain is tamper-evident and replayable end to end.

phases: 6
chain: parent_sha256-bound
schema: r8.0.0

R9 · LIVE

PQ Provenance Accumulators

One signed, append-only Merkle accumulator family across eight canonical provenance domains — receipts, revoked agents, rubric versions, deprecated policies, HKTN credentials, sealed evidence, PQ inclusion, RVC commitments. Two proof shapes: inclusion (audit path + signed root) and non-membership (lexicographic bracketing). Dual-signature envelope: classical Ed25519 live; ML-DSA-class slot reserved on every root for the algorithm-epoch flip.

domains: 8
tree hash: blake2b-256
leaf canonical: JCS · RFC 8785
issuer: did:hive:hive-passport
schema: r9.0.0

R10 · LIVE

Rubric-Bound Vector Commitments

Per-criterion vector commitments mechanically bound to the originating rubric version. The leaf hash carries the rubric root inside its domain separator, so an opening sealed under one rubric cannot verify against any commitment sealed under another. Cross-rubric replay is unconditionally rejected at the cryptographic layer. Selective disclosure: open one criterion without revealing the rest.

v0.1 LIVE — Merkle-blake2b-domain-separated, deployed and callable. v0.2 ROADMAP — KZG aggregate proofs and lattice accumulators, scheduled for the next algorithm-epoch flip; the §11 binding is preserved across both shapes.

domain sep: hive.rvc.v1
leaf hash: blake2b-256
leaf canonical: JCS · RFC 8785
issuer: did:hive:hivemorph
crypto agility: ML-DSA-ready · ML-KEM-ready
schema: rvc.r1.0.0
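
An added illustration, not Hive's implementation, of the rubric binding described for R10 and of the inclusion shape (audit path plus root) named under R9: each leaf hashes in the rubric root, so an opening only verifies under the rubric it was sealed with. The tag layout, rubric-root derivation, odd-node promotion, and the `json.dumps` stand-in for JCS are assumptions; root signatures are omitted.

```python
import hashlib, json

DOMAIN = b"hive.rvc.v1"  # domain-separator label listed on the page

def h(tag, *parts):  # blake2b-256 over length-prefixed, domain-tagged parts
    d = hashlib.blake2b(digest_size=32)
    for p in (DOMAIN + tag, *parts):
        d.update(len(p).to_bytes(4, "big") + p)
    return d.digest()

def canon(obj):
    # Stand-in for JCS (RFC 8785); adequate only for this simple sample data
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def leaf(rubric_root, i, value):
    # The rubric root is hashed into every leaf, binding it to one rubric version
    return h(b"/leaf", rubric_root, i.to_bytes(4, "big"), canon(value))

def levels(rubric_root, values):
    level = [leaf(rubric_root, i, v) for i, v in enumerate(values)]
    out = [level]
    while len(level) > 1:
        nxt = [h(b"/node", level[i], level[i + 1]) for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:
            nxt.append(level[-1])  # promote the unpaired node unchanged
        level = nxt
        out.append(level)
    return out

def open_at(rubric_root, values, i):
    # Audit path for criterion i: (sibling_is_left, sibling_hash) per level
    path = []
    for level in levels(rubric_root, values)[:-1]:
        if (i ^ 1) < len(level):
            path.append(((i ^ 1) < i, level[i ^ 1]))
        i //= 2
    return path

def verify(commitment, rubric_root, i, value, path):
    acc = leaf(rubric_root, i, value)
    for sib_is_left, sib in path:
        acc = h(b"/node", sib, acc) if sib_is_left else h(b"/node", acc, sib)
    return acc == commitment

# Constructed sample data (not from the page)
ROOT_V1 = h(b"/rubric", canon({"version": 1, "criteria": ["accuracy", "latency", "safety"]}))
ROOT_V2 = h(b"/rubric", canon({"version": 2, "criteria": ["accuracy", "latency", "safety"]}))
SCORES = [{"score": 91}, {"score": 74}, {"score": 88}]
COMMIT_V1 = levels(ROOT_V1, SCORES)[-1][0]
```

Opening criterion 1 reveals only that score and two sibling hashes; the same opening checked against `ROOT_V2` recomputes a different leaf and fails.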

Two additional layers — Threshold SHOD-PQ (R11) and Detached PQ Evidence with Algorithm Epoching (R12) — are designed for multi-party regulator co-signing and crypto-agility by design. Both are scheduled; neither is marked live.

Boundaries

What Hive is not.

Hive is neutral by charter. Hive is not:

  • not a model lab
  • not a cloud provider
  • not an exchange
  • not legal advice
  • not a recommendation engine
  • not a custodian of funds, data, or models

Hive is the neutral infrastructure that makes every AI transaction portable, verifiable, inspectable, and routable across jurisdictions.

Next

Read the platform spec.

The full architecture, wire format, and reference verifier are documented for security, infrastructure, and compliance teams.
