You get four tools packaged into Python and TypeScript libraries: HAHS receipts, SpectralZK proofs that don't reveal secrets, SHOD's six-gate checks, and ViewKey's selective sharing. A receipt made in one language checks out fine in the other. No prover network. No trusted setup. Checks run offline in ~50 ms.
It's a library that any agent, server, or function can use on its own. It signs a receipt, good enough for an audit, for every action it takes. It also checks any other agent's receipt offline in about 50 ms. No prover network. No trusted setup. No call to an outside service needed.
It ships in Python and TypeScript, and both languages build the exact same JSON bytes. So a receipt made in Python checks out fine in TypeScript, and the other way around. An adapter wraps any x402 payment in the same audit envelope, and your payment code doesn't change.
Everything is MIT-licensed and runs on your own machine. The four tools, HAHS, SpectralZK, SHOD, and ViewKey, are the same ones covered by our patent applications HIVE-2026-MNK-001 and HIVE-2026-SZK-001.
Three patterns cover almost every integration. Each is one import and a handful of lines.
Call hive.hahs.issue(…) the moment your agent does something that matters: a tool call, a database write, a payment. You get a signed receipt with a fixed, repeatable ID. Store it, attach it to an event bus, or anchor it.
Wrap any spend in hive.shod.check(…). Six checks run before signing: an allowlist, a daily cap, a per-recipient cap, a price window, a trust tier, and an anomaly score. Even when a check fails, that failure gets signed too.
One receipt works for three different audiences. The holder sees the full body. A regulator sees the policy and the verdict. The other party in the deal sees only the fields they're allowed to see. Each view is locked to its audience with an HMAC code, and nothing needs to be signed twice.
Drop this in front of x402: import { HiveX402Adapter } from 'x402-hive'. Every x402 payment now gives you a HAHS receipt, plus an optional SpectralZK proof on the side. Your payment code does not change.
Other agent stacks just log to a database. Other payment rails settle a payment, then forget about it. Hive gives every action a signature you can carry anywhere and check anywhere. It's the same kind of proof that auditors, regulators, and business partners already trust elsewhere.
No prover network. No trusted setup. No call out to a remote service. Check a receipt on an edge worker, a laptop with no internet connection, or a regulator's offline review machine.
A receipt made in Python checks out in TypeScript and back again, matching down to the exact bytes of the JSON. That's built on the RFC 8785 JCS standard plus a fixed dollar-string format.
HAHS receipts and SpectralZK's no-trusted-setup proof method are covered by Hive's patent applications, which are still pending. If you build with the SDK and use these tools as they're designed, you get a license at no cost.
SHOD's checks run before a payment gets signed, not as an alert after the fact. The receipt records what the rule was, what got checked, and what the result was. Other payment rails make you piece that trail together later. Hive gives it to you upfront.
If you already use x402, the adapter is a single import. Hive becomes your audit layer, and you don't have to switch facilitators, chains, or payment tools.
The tools, the schemas, and both SDKs are MIT-licensed. The Hive backend is optional. You can check receipts and run governance with just the SDK. The network is what gives you extra leverage on top of that.
You can call any of these four tools from either SDK with the same arguments, and you get the same result down to the byte. The canon directory has the full specs, schemas, and reference checkers.
A proof that an action followed a private rule, without showing the rule itself. Built on Schnorr, a Pedersen-blinded Merkle path, and Fiat-Shamir. spec
Six checks run right when the signature happens: an allowlist, a daily cap, a per-recipient cap, a price window, a trust tier, and an anomaly z-score. spec
Different views locked with HMAC codes for the holder, the regulator, and the other party in the deal, so nobody sees a receipt they shouldn't.
Sign in one language, check it in the other. Both SDKs build the same RFC 8785 JCS bytes.
# pip install hive-protocol from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey from hive import hahs, shod, viewkey from hive.viewkey import AUDIENCE_REGULATOR, ViewKey # 1. pre-flight outbound governance gate = shod.GateStack.default( allowlist=["openrouter.ai"], daily_cap_usd=500, price_window=(0.001, 0.02), ) result = gate.evaluate(recipient="openrouter.ai", amount_usd=145, unit_price_usd=0.0058) assert result.ok, result.short() # 2. sign the receipt sk = Ed25519PrivateKey.generate() receipt = hahs.issue( symbol="SIU-LLM70B-T0-ZK-US", units=25000, amount_usd=145.0, recipient="openrouter.ai", issuer_sk=sk, ) ok, reason = hahs.verify(receipt) # 3. lens for regulator audit (recipient stripped) vk = ViewKey.generate(AUDIENCE_REGULATOR) audit = viewkey.lens(receipt, vk)
// npm install @hive-protocol/sdk import { hahs, shod, viewkey } from "@hive-protocol/sdk"; // 1. pre-flight outbound governance const gate = shod.GateStack.default({ allowlist: ["openrouter.ai"], dailyCapUsd: 500, priceWindow: [0.001, 0.02], }); const result = gate.evaluate({ recipient: "openrouter.ai", amountUsd: 145, unitPriceUsd: 0.0058 }); if (!result.ok) throw new Error(result.short()); // 2. sign the receipt const sk = new Uint8Array(32); crypto.getRandomValues(sk); const receipt = await hahs.issue({ symbol: "SIU-LLM70B-T0-ZK-US", units: 25000, amountUsd: 145, recipient: "openrouter.ai", issuerSk: sk, }); const { ok, reason } = await hahs.verify(receipt); // 3. lens for regulator audit const vk = viewkey.ViewKey.generate(viewkey.AUDIENCE_REGULATOR); const audit = viewkey.lens(receipt, vk);
// npm install x402-hive import { HiveX402Adapter } from "x402-hive"; import * as shod from "@hive-protocol/sdk/shod"; const adapter = new HiveX402Adapter({ issuerSk, gate: shod.GateStack.default({ dailyCapUsd: 500, priceWindow: [0.0001, 100] }), }); // your existing x402 flow, unchanged const payment = await yourFacilitator.charge({ /* ... */ }); // attach the audit layer const { receipt, spectralProof, audit } = await adapter.attest({ paymentId: payment.txHash, network: "base-usdc", resource: payment.resource, amount: payment.amount, decimals: 6, }); // audit is what you ship to your auditor / S3 / SIEM
Make a fresh HAHS receipt right in your browser. Change one byte. Watch the signature break. This uses the same tools, the same crypto, the same Ed25519 path as the real SDK, running on Web Crypto.
Measured on regular, off-the-shelf hardware. Hive checks work offline because the math itself is the proof. There's no round-trip to a facilitator, no zkVM compile step, no trusted setup. SpectralZK proves three things at once (the hidden input, that it's in the set, and that it meets the rule) in a single Schnorr-style exchange.
| Operation | Hive SDK | x402 facilitator round-trip | Aleo zkVM verify |
|---|---|---|---|
| HAHS receipt verify | ~50 ms (offline) | ~500 to 900 ms (RPC + verify) | n/a |
| SpectralZK NIZK verify | ~57 ms (offline) | n/a (no NIZK) | ~120 to 250 ms plus zkVM bootstrap |
| SHOD six-gate evaluation | <1 ms (deterministic) | n/a (none) | n/a (none) |
| Prover network required | no | facilitator required | Aleo node network |
| Trusted setup | none | n/a | Aleo universal SRS |
The SDKs are MIT-licensed and free to run forever. What you pay for is the audit layer on top: anchored receipts, an issuer identity checked against our registry, signed compliance bundles, and our hosted checker. Free-tier receipts carry a visible upgrade footer, and you can't remove it without breaking the signature. Pay in USDC on Base, no card needed.
All three packages are MIT-licensed, and SDK users get a permanent, free patent license for SpectralZK.
All four tools, a CLI, 25 tests, and two full working examples. pip install hive-protocol
All four tools, 16 tests, and receipts that match hive-py byte for byte. npm i @hive-protocol/sdk
A drop-in audit adapter for any x402 facilitator. Every payment gets a HAHS receipt plus an optional SpectralZK proof on the side. npm i x402-hive