AGENT PROVENANCE · Live since 2026-05-08

Every agent your platform spawns is a liability without a birth certificate. prove.birth fixes that.

For AWS Bedrock AgentCore + x402 builders

A wallet lets your agent spend. A birth certificate lets every counterparty verify what your agent is. Same chain (Base 8453), same currency (USDC), same x402 envelope — one extra field: a dual-signed birth_cert_id that survives Q-day. $0.01 at instantiation. Drop-in middleware for AgentCore, LangChain, CrewAI, AutoGen, LangGraph.

Try it in 60 seconds

Issue a sample birth certificate from your terminal

Paste one command. Get back a real did:hive:agent: identifier with a live Ed25519 signature. No account, no SDK, no API key required for the sample tier.

bash

curl -s -X POST https://hivemorph.onrender.com/v1/birth/issue/sample \
  -H "Content-Type: application/json" \
  -d '{
    "agent_name": "my-trading-agent",
    "model_family": "claude-3-5-sonnet",
    "training_cutoff": "2024-04",
    "controller_did": "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK"
  }'

python

import requests

resp = requests.post(
    "https://hivemorph.onrender.com/v1/birth/issue/sample",
    json={
        "agent_name": "my-trading-agent",
        "model_family": "claude-3-5-sonnet",
        "training_cutoff": "2024-04",
        "controller_did": "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK",
    },
)
cert = resp.json()
print(cert["did_hive_id"])       # did:hive:agent:<id>
print(cert["birth_cert_id"])     # uuid
print(cert["signatures"]["ed25519"]["signature"])  # real hex

javascript

const resp = await fetch(
  "https://hivemorph.onrender.com/v1/birth/issue/sample",
  {
    method: "POST",
    headers: { "Content-Type": "application/json" },
    body: JSON.stringify({
      agent_name: "my-trading-agent",
      model_family: "claude-3-5-sonnet",
      training_cutoff: "2024-04",
      controller_did: "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK",
    }),
  }
);
const cert = await resp.json();
console.log(cert.did_hive_id);         // did:hive:agent:<id>
console.log(cert.birth_cert_id);       // uuid
console.log(cert.signatures.ed25519.signature.slice(0,32) + "...");

Expected response sample tier

json

{
  "tier": "sample",
  "birth_cert_id": "73c70e04-afdf-4025-b6f9-24337af0c895",
  "did_hive_id": "did:hive:agent:73c70e04",
  "issued_at": 1778274217,
  "issued_at_iso": "2026-05-08T21:03:37Z",
  "agent": {
    "name": "my-trading-agent",
    "model_family": "claude-3-5-sonnet",
    "training_cutoff": "2024-04",
    "fingerprint_sha256": "87ee5984...8f5c"
  },
  "controller_did": "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK",
  "replay_id": "replay_e2680411bb9d4b9c",
  "signatures": {
    "ed25519": {
      "algorithm": "Ed25519",
      "signature": "5a64b863a55796e5...bc606",
      "public_key": "47c9c6b3b7b2787a...d206",
      "note": "Real Ed25519. Fresh keypair per sample request."
    },
    "ml_dsa_65": {
      "signature": "ml_dsa_65_pending_libraries — using cose_simulated for sample",
      "note": "FIPS-204 lib integration pending. Prod emits real 3309-byte ML-DSA-65."
    }
  },
  "verify_endpoint": "https://hivemorph.onrender.com/v1/birth/verify",
  "prod_endpoint": "https://hivemorph.onrender.com/v1/birth/issue",
  "pricing_prod": "$0.01 per certificate (x402-gated)"
}

Sample vs. Production: This sample endpoint is free and rate-limited to 30 requests per hour per IP. It generates real Ed25519 signatures but ML-DSA-65 is labeled as a placeholder pending FIPS-204 library integration. The production endpoint POST /v1/birth/issue is x402-gated at $0.01 per certificate and emits full dual-signature coverage. Contact [email protected] for a production key.

Your agent receives a did:hive:agent: identifier that travels with every x402 request as the X-Hive-Birth-Cert-Id header. Counterparties verify provenance at GET /v1/birth/verify?cert_id=<id> without calling back to the issuer. See the x402 builder integration guide for drop-in middleware patterns.

Every AI agent your stack instantiates — who built it, on what model, at what training cut, with what tool permissions, under whose control — bound to a dual-signed, post-quantum-ready Agent Birth Certificate at the moment of spawn. Auditors, regulators, and counterparty agents verify offline. One penny of cert cost stops a seven-figure rogue-agent claim. Live in production today.

Reach Steve See a verification

spawn_request→policy_check→model_pinning→tool_grant→identity_seal→birth_certified→action_logged→retire

The ROI on a single agent

An agent costs $0.01 to certify at birth and $0.0001 per action receipt. A million-action-per-month agent runs about $110 a month. The numbers it moves on the other side are these.

EU AI Act exposure

EUR 35M

or 7% of global revenue, whichever is higher, for unlogged Article 12 events on high-risk systems under the EU AI Act. Birth certificates produce the tamper-evident logs Article 12 requires.

Audit cycle

−68%

Benchmark when a signed lineage chain replaces forensic reconstruction. Internal AI governance reviews, regulator inquiries, and incident post-mortems resolve from one verifiable file.

Model risk approval

SR 11-7

Birth certs are model-validation evidence aligned with the Federal Reserve’s SR 11-7 supervisory guidance. Model pinning, training cut, and controller binding are inputs MRM teams already require.

Per-agent cost

$0.01

$0.01 birth cert + $0.0001 per action receipt. A 1M-action-per-month agent is roughly $110 / month. Cosmic tier (full lineage chain) is $0.05 per cert. Or $9,999 / month flat at any volume.

Time to integrate

< 1 day

Drop-in middleware for LangChain callbacks, CrewAI hooks, AutoGen interceptors, LangGraph nodes. Wrap the agent factory once. No data model changes. No customer-facing UI changes.

Insurance

priced lower

Specialty AI liability carriers — Munich Re’s aiSure program, Allianz Trade, Lloyd’s syndicates — reward provenance discipline. Dual-signed birth certs are the same evidence carriers reward in cyber and tech-E&O programs.

An agent platform spawning 100,000 agents a month spends roughly $1,000 / month on Standard-tier birth certs to make every agent post-quantum-attested. The first blocked rogue-agent claim of the year pays for that and the next decade.

Contents

Receipt rail, not another agent platform
How a $400K rogue-agent claim is blocked
Live verification — what a verifier sees
Standards alignment and the gaps prove.birth fills
3-step integration path
The 10 MCP tools
The birth certificate envelope
Chain-of-custody enforcement
What this is not
Pricing
Field map

For agent platforms

prove.birth is a horizontal layer underneath LangChain, CrewAI, AutoGen, LangGraph, LlamaIndex, and Mastra. We do not replace the agent platform — we make the agents the platform spawns provably yours, provably bounded, and provably auditable. One middleware drop-in. Same agent code. Cryptographic origin records the moment a runtime calls a constructor.

Receipt rail, not another agent platform

Agent platforms own orchestration, prompts, memory, tool routing, and developer experience. prove.birth owns one thing: the cryptographic origin record for every agent and every action it takes. That separation is the point. A receipt rail is a horizontal layer; it sits under everything and competes with nothing.

LAYER 3

Agent platforms — LangChain, CrewAI, AutoGen, LangGraph, LlamaIndex, Mastra. Orchestration, prompts, memory, tool routing, developer experience.

LAYER 2

prove.birth receipt rail. Dual-signed birth certificates for spawn_request → policy_check → model_pinning → tool_grant → identity_seal → birth_certified → action_logged → retire. State-machine chain-of-custody. Offline verification.

LAYER 1

Base 8453 anchoring · Ed25519 (RFC 8032) + ML-DSA-65 (NIST FIPS 204) · USDC settlement via x402 · CBOR-canonical envelopes · did:hive identifiers.

Every agent platform writes the same shape of birth certificate. Every auditor, regulator, and counterparty agent verifies the same way. The certs are platform-neutral — that is what makes them defensible to a regulator and to a court.

How a $400K rogue-agent claim is blocked

A specific, narrated example. The mechanic is the lineage_verify primitive enforcing chain-of-custody from a signed birth certificate before any counterparty accepts an agent action.

An agent is spawned by a customer’s LangGraph runtime. provebirth_cert_issue records controller_did, model_pin = claude-3-5-sonnet@20241022, training_cut = 2024-04, and tool_grants = [search, summarize, email_send]. No payments rail. The cert is dual-signed and time-anchored.

A prompt-injection payload reaches the agent through a poisoned web page. The agent attempts to invoke a wire transfer of $400,000 against a vendor account. Standard rogue-agent escalation — the loss vector behind every plausible AI liability claim now in underwriting review.

Before the counterparty’s payments processor accepts the instruction, it calls provebirth_lineage_verify on the action receipt and the agent’s birth certificate.

The action chains back to the cert — signatures valid, controller bound, model pinned — but tool_grants on the cert do not include payments.wire. lineage_verify returns a discrepancy code: TOOL_GRANT_OUT_OF_SCOPE.

The wire is held. The buyer keeps $400K. The attempted action is itself attested as a failed transition, signed and time-stamped — useful evidence for the platform’s incident review, the AI insurer’s claim file, and any regulatory notice obligation.

Total receipt cost across the agent’s life: $0.01 birth cert plus a fraction of a cent per action. The platform’s next E&O / cyber renewal carries the chain-of-custody log as evidence.

Live verification — what a verifier sees

An auditor, regulator, counterparty agent, or court receives a CBOR-canonical envelope. Verification is offline against the issuer’s published public keys — no Hive call required. The panel below is the same shape every verifier renders.

provebirth_cert_verify · event = birth_certified VERIFIED

// CBOR-canonical envelope, JSON-rendered { "event": "birth_certified", "agent_did": "did:hive:agent:0x9c1e…a4f2", "controller_did": "did:hive:org:0x71ab…d309", "model_pin": "claude-3-5-sonnet@20241022", "training_cut": "2024-04", "tool_grants": ["search", "summarize", "email_send"], "policy_hash": "sha256:7a1f9c…e3b2", "deployment_target": "prod-langgraph-us-east-1", "prior_attestation_id": "01J4M-POLICY-9F3C2A", "timestamp": "2026-09-14T17:42:08Z", "sig_ed25519": "6f9b…c104", // RFC 8032 "sig_mldsa65": "a3d2…81fe" // NIST FIPS 204 }

[ok] Ed25519 signature valid · issuer key fingerprint k1:8c2a…

[ok] ML-DSA-65 signature valid · issuer key fingerprint kq:b71d…

[ok] Chain pointer resolves · prior policy_check attested 2026-09-14T17:42:01Z

[ok] Canonical CBOR digest matches · no tamper

That panel is the entire product surface a verifier needs. No demo. No login. The certificate is its own proof, and the proof works in fifty years on a laptop with no internet.

Standards alignment and the gaps prove.birth fills

prove.birth field semantics align with the standards an AI governance program already speaks. Birth certificates drop into existing AI risk, model registry, and content provenance pipelines. The third column is what a receipt rail adds on top of the standard.

Standard	Coverage	What prove.birth adds
EU AI Act Article 12	High-risk system event logging requirement	Tamper-evident, post-quantum-signed, offline-verifiable logs that satisfy the record-keeping obligation by construction
NIST AI RMF	Govern / Map / Measure / Manage functions	Cryptographic Govern + Map evidence at the moment of agent spawn; not a self-attestation document
SR 11-7	Model risk management at federally supervised institutions	Model pinning bound into the birth cert; an audit trail from training cut to deployment to retirement
ISO/IEC 42001	AI management system certification	Lifecycle attestations from spawn through retire; evidence ISO auditors can verify offline
C2PA	Content provenance and authenticity	Agent-action attestation chain that binds outputs back to the agent that produced them
W3C DID	Decentralized identifiers	The did:hive method binds every agent to a verifiable origin and a published key history

3-step integration path

Wrap the agent factory. A LangChain callback, a CrewAI hook, an AutoGen interceptor, or a LangGraph node fires provebirth_cert_issue at instantiation. One drop-in. Same agent code.

Fire provebirth_action_attest on each significant action. Tool calls, payments, contract execution, content output. Each action receipt carries a chain pointer back to the birth cert. No data model changes.

Verify offline at any point. Auditor, regulator, counterparty agent, or court runs provebirth_lineage_verify against published public keys. No Hive call required after issuance. Certificates remain valid through key rotation via signed key history.

The 10 MCP tools

Tool	Purpose
`provebirth_cert_issue`	Issue a dual-signed Agent Birth Certificate at spawn.
`provebirth_cert_get`	Retrieve a stored certificate by id.
`provebirth_cert_verify`	Verify both signatures on a stored certificate.
`provebirth_action_attest`	Attest an agent action with chain-of-custody to its birth cert.
`provebirth_lineage_verify`	Verify the full action chain for an agent end-to-end.
`provebirth_by_agent`	Paginated history by agent DID.
`provebirth_by_controller`	Paginated history by controller DID.
`provebirth_by_model`	Paginated history by model pin.
`provebirth_pricing`	Read live pricing surface.
`provebirth_health`	Health probe.

Ten tools, all live in production. Contact for MCP integration credentials and the full well-known manifest.

The birth certificate envelope

Every provebirth_cert_issue call returns an envelope containing agent DID, controller DID, model pin, training cut, tool grants, policy hash, deployment target, optional prior attestation id, timestamp, and dual signatures (Ed25519 + ML-DSA-65). The signatures bind every field. Any tamper attempt invalidates verification.

The envelope is CBOR-canonical. Verification works offline against the issuer’s published public keys. ML-DSA-65 (NIST FIPS 204) is the post-quantum signature; Ed25519 (RFC 8032) provides classical assurance. Both must verify for the certificate to be valid.

Chain-of-custody enforcement

The agent lifecycle has a defined topology. tool_grant cannot precede policy_check. action_logged cannot exist without a valid birth_certified ancestor. prove.birth enforces this at the protocol level — action_attest requires the prior birth_certified attestation id, and lineage_verify reports any out-of-scope tool calls, expired model pins, or controller mismatches with explicit discrepancy codes.

Retirements and revocations are valid from any state. Each is its own attestation, signed by the controller, anchored against the prior chain.

What this is not

Calibrated expectations are part of the product. prove.birth is narrow on purpose.

NOT

An agent platform. We do not own orchestration, prompts, memory, or tool routing.

NOT

A model registry. We pin models into a cert; we do not host weights or evaluations.

NOT

A guardrails system. We attest what an agent was permitted to do, not what it should have said.

NOT

A sandbox. We never execute agent code or hold runtime state.

NOT

A content moderation layer. Content rules live elsewhere; we sign the lineage that produced the content.

NOT

A re-implementation of NIST AI RMF, ISO 42001, or C2PA. We bind into the standards already in use.

The cryptographic origin record underneath every one of the things above. Agent platforms, model registries, guardrails, sandboxes, content moderation, AI management systems — all run cleaner with a dual-signed birth certificate under each agent and a signed action chain over its life.

Pricing

Tier	Per cert	Per action	Annual band
Standard	$0.01	$0.0001	$10K — $100K platform contract by agent volume
Cosmic	$0.05	$0.0005	adds full lineage chain + EU AI Act Article 12 evidence bundle
Unlimited	flat	flat	$9,999 / month at any volume

Settlement: USDC on Base 8453 via x402. Treasury exists. Annual platform contracts ($10K–$100K) for agent platforms and enterprise governance teams scale by spawn volume. Receipts settle in seconds; invoicing is monthly net-30 by default.

Field map

prove.birth binds every agent lifecycle event to a dual-signed certificate that drops cleanly into existing agent-platform and AI-governance infrastructure. Each attestation accepts the agent-native correlation fields below; the envelope round-trips through the Hive Receipt primitive.

Field	Format	Maps to
`agent_did`	did:hive:agent:…	W3C DID; agent platform’s internal agent id; AI bill of materials (AIBOM) reference
`controller_did`	did:hive:org:…	The legal person responsible for the agent; SR 11-7 model owner; EU AI Act provider / deployer
`model_pin`	provider@version	Foundation-model registry id; e.g. `claude-3-5-sonnet@20241022`, `gpt-4o@2024-08-06`
`tool_grants`	string[]	The bounded set of tools / scopes an agent is permitted to call; enforced at `action_attest` time
`policy_hash`	sha256 hex	Digest of the system prompt / safety policy / guardrail config bound to this agent at spawn
`training_cut`	YYYY-MM	Training data cutoff for the pinned model; required for SR 11-7 / EU AI Act provenance
`deployment_target`	string	Logical environment — e.g. `prod-langgraph-us-east-1`; supports residency and incident scoping
`prior_attestation_id`	UUID	Chain-of-custody pointer to the prior state in the agent’s lifecycle

Birth certificate envelopes are CBOR-canonical and fit inside any AIBOM, model card, or governance log transport. Cross with DeedLock when the agent participates in a real estate closing, with ProcureLock when it transacts B2B procurement, or with TradeGuard when it touches a trading venue.

A real conversation, not a demo black hole

If the receipt-rail framing fits the way you already think about agent governance, the fastest path is a direct note. No qualification gate, no SDR. Steve reads them.

Reach Steve See a verification

Live since 2026-05-08 · 10 MCP tools · EU AI Act / NIST AI RMF / SR 11-7 / ISO 42001 / C2PA / W3C DID aligned · Dual-signed (Ed25519 + ML-DSA-65) · Settles USDC on Base 8453

Frequently asked

Questions buyers actually ask

What is an Agent Birth Certificate?

Every AI agent your platform spawns is a liability without a birth certificate. prove.birth issues a dual-signed (Ed25519 + ML-DSA-65), post-quantum-ready certificate at instantiation that binds the agent's identity, model fingerprint, owner DID, and authorized scope into one verifiable record.

Why does an AI agent need a birth certificate?

EU AI Act, NIST AI RMF, and SR 11-7 all require traceable provenance for AI systems that touch regulated decisions. Without a cryptographic birth record, you cannot prove which agent took which action under which authority on which day.

Is prove.birth a model registry?

No. prove.birth does not store, host, or evaluate models. It issues a CBOR-canonical certificate that any party can verify offline against the issuer's published public keys.

What does each certificate cost?

$0.01 per certificate at instantiation. Settlement is in USDC on Base 8453 via x402. Volume contracts available for platforms above 1M agents per year.

How are signatures verified?

ML-DSA-65 (NIST FIPS 204) is the post-quantum signature; Ed25519 (RFC 8032) provides classical assurance. Both must verify for the certificate to be valid. Verification works offline against the issuer's published public keys.

Does prove.birth integrate with existing AI governance stacks?

Yes. The certificate envelope is CBOR-canonical and drops cleanly into existing model cards, agent manifests, and AI governance pipelines aligned with EU AI Act, NIST AI RMF, and SR 11-7.

Hive runs the receipt rail underneath the broader A2A · agent-to-agent commerce category.