Hive Civilization is a single-founder operation today. We address key-person risk transparently through documented controls, not by obscuring the reality. This page details every continuity control in place or in progress, and is honest about the gap between current state and target state.
An honest account of single-founder operational reality and the controls that reduce, but do not eliminate, key-person dependency.
Steve Rotzin is the sole decision-maker, sole technical operator, and sole signatory on operating accounts. No co-founder. No technical co-lead. Production access is currently held by one person. This is the baseline risk the controls below are designed to mitigate.
Multisig treasury with independent co-signers. Admin access distributed across GitHub org, Cloudflare, and Render with second administrators named. Break-glass procedures documented and held by outside counsel. Insurance in force. Board observer seat active.
The current treasury address and the transition plan to multi-signature governance.
Production treasury is being migrated to a 2-of-3 Gnosis Safe multisig on Base (Chain ID 8453). This migration is in progress and is targeted for completion within 30 days of this page going live. Until the migration is complete, treasury operations remain under sole founder control.
The Gnosis Safe contract address will be published on this page and in the quarterly transparency report upon deployment. Verification link to BaseScan will be added at that time.
The target configuration requires 2 of 3 designated co-signers to approve any treasury transaction above a de minimis threshold. Co-signers are independent of each other and of the company.
Signer identities will be published by name upon their written consent and the execution of the multisig deployment. No signer is a Hive Civilization employee.
Reducing single-point-of-failure across source control, CDN, compute, and secrets management.
GitHub organization is being configured with a second organization administrator who is not the founder. Admin credentials are independent. Branch protection rules are set; merges to main require review. Break-glass admin access documented separately.
Planned — 30 DaysCloudflare account will have a second Super Administrator designated. The second admin is a named individual external to the company, with access documented in the break-glass envelope held by outside counsel. Cloudflare zone ownership is not founder-personal-email bound.
Planned — 30 DaysRender team account will be converted from personal to team billing and a second team owner added. The second owner has independent login credentials. Services run under team ownership, not personal account.
Planned — 30 DaysProduction secrets are stored in 1Password. A break-glass envelope containing vault access credentials and recovery kit is held in physical custody by outside counsel. The envelope specifies the conditions under which it may be opened.
ActiveDomain registrar account credentials are included in the break-glass vault. Transfer authorization codes are documented and held by outside counsel. No domain is registered under a personal account that cannot be transferred.
ActiveAll production API keys are inventoried in the 1Password vault with service name, scope, and rotation schedule. Keys are service-bound, not person-bound. The inventory is current as of the date of each quarterly transparency report.
ActiveLegal framework for company continuity in the event of founder incapacity, death, or voluntary departure.
Founder's estate plan has been updated to address company equity and operational assets. A specific bequest of company ownership interest is in place. Executor has been briefed on the nature of the business and the existence of the break-glass vault.
DoneAn Operating Partner Agreement is being drafted with a named technical operating partner. The OPA authorizes the operating partner to make day-to-day technical decisions and execute against the product roadmap in the event of founder unavailability for more than 14 consecutive days. The OPA does not convey equity; it conveys operational authority.
In ProgressA board observer seat is reserved for a major enterprise customer beginning Q4 2026. The observer has information rights and may attend board meetings. This control provides an additional external check on continuity planning and is a commitment Hive makes as part of enterprise-tier contracting.
Planned — Q4 2026We are honest that the following policies are not in force today. These are the target coverage amounts and target dates. We will update this page when each policy is bound.
| Policy Type | Target Limit | Status | Target Date |
|---|---|---|---|
|
Errors & Omissions (E&O) Professional liability for software products and services |
$2,000,000 | Not in force | Q3 2026 |
|
Directors & Officers (D&O) Liability coverage for leadership decisions |
$3,000,000 | Not in force | Q4 2026 |
|
Cyber Liability First-party and third-party cyber incident coverage |
$5,000,000 | Not in force | Q4 2026 |
Customers requiring insurance certificates as a procurement condition should contact [email protected] to discuss the current state and anticipated timeline. We will not represent a bound policy until a certificate of insurance is issued.
Controls available to enterprise customers that reduce your dependency on Hive's operational continuity regardless of what happens on our end.
Iron Mountain source code escrow is available as an option on enterprise-tier contracts. Escrow is updated on every production release. Release conditions include: company insolvency, failure to maintain the service for more than 30 consecutive days, or customer-triggered audit right.
Enterprise TierThe Cloudflare Workers-based receipt verifier can be deployed to a customer-controlled environment. This means receipt verification continues to function even if the Hive-hosted verifier endpoint becomes unavailable. Documentation available on request.
Enterprise TierAn authenticated data export endpoint is always available regardless of contract tier. Customers may retrieve all their receipt data, evidence bundles, and associated metadata in a portable format (JSON + signed manifest). No lock-in by design.
Always AvailableEvery receipt issued by the Hive infrastructure is independently verifiable from the on-chain anchor and the ML-DSA-65 signature alone, without any dependency on Hive's hosted infrastructure or operational continuity. Receipts are designed to outlive the company.
By DesignWe address this question directly rather than euphemistically. The following documents what happens in the event of founder incapacity, death, or extended unavailability.
Outside counsel opens the break-glass envelope per the defined activation conditions. The named operating partner assumes day-to-day technical authority per the OPA. Enterprise customers are notified via the status page and direct email within 24 hours of outside counsel activation. The multisig Signer 2 (outside counsel) and Signer 3 (fractional CFO) can execute treasury operations without Signer 1.
The operating partner, armed with the break-glass vault and documented runbooks, maintains production infrastructure. Cloudflare, Render, and GitHub are accessible via the documented second-admin credentials. No single service requires a personal login tied exclusively to the founder to keep running. Source code escrow customers are notified; the escrow release process may be initiated by the customer if release conditions are met.
The estate plan and OPA collectively govern long-term disposition. Options include: operating partner assumption of leadership, strategic sale, or orderly wind-down with customer data export and on-chain receipt verification preserved. Customers with source-code escrow receive their escrow release automatically upon qualifying event. The on-chain receipt verification path is permanent and does not depend on Hive's corporate survival.
Hive commits to a quarterly transparency report covering the items below. The first report will be published Q3 2026. Reports are public and linked from this page.
Enterprise customers are automatically subscribed. Others may request subscription by emailing [email protected] with subject line 'Transparency Report Subscription'.
Subscribe →For the complete controls inventory, SOC 2 engagement status, sub-processors, incident response runbook, and compliance roadmap, see the main security page.