PQ-SmSH · Depth-bound inference · Patent Pending

The buyer signs the ceiling. The provider counter-attests the path.

PQ-SmSH turns "everything is depth — depth is everything" into a cryptographic contract. You commit a max depth band, a max token count, and an allowed tool set, signed with ML-DSA-65. The provider returns a counter-attestation of the actual path taken, also ML-DSA-65 signed. Over-band declarations are refused at the server. Both receipts verify offline. Patent Pending · Filed 2026-05-08

Try the live demo View band policy

Five depth bands. Five price multipliers.

Base price is $0.0030 per 1,000 tokens. The band multiplies it. A buyer asking for D0 retrieval pays 0.05x. A buyer authorizing D4 frontier pays 10x. The provider cannot silently take the deeper, more expensive path — the server checks the declared band against the buyer's signed ceiling and refuses to attest if it exceeds.

D0 · retrieval

Retrieval

0.05x

0 tokens out

No tools

No multistep

D1 · shallow

Shallow

0.20x

≤ 512 tokens

No tools

No multistep

D2 · standard

Standard

1.00x

≤ 4,096 tokens

Basic tools

No multistep

D3 · deep

Deep

3.00x

≤ 32,768 tokens

Full tools

Multistep

D4 · frontier

Frontier

10.0x

Unbounded

Frontier model

Multistep

Live demo. LIVE

Pick a buyer ceiling. Pick what the provider actually did. The page calls the live endpoints — bind, attest, verify — and shows you the hybrid Ed25519 + ML-DSA-65 receipt. Try a deeper provider band than the buyer signed for and watch the server refuse.

Buyer's signed ceiling

Buyer DID

Model class

Provider's actual band

Tokens generated

Tools invoked (comma)

What the server refuses to sign.

The attest endpoint runs five checks before producing a counter-signature. Any single failure returns HTTP 409 with the violation list. No partial signature, no co-sign, no audit trail of a fake compliance event.

Five ceiling checks

Actual depth band ≤ bound depth band
Tokens out ≤ band cap (or buyer's explicit cap)
If band forbids tools, tools_invoked is empty
If tools allowed, every invoked tool is in the buyer's allowlist
USD charged ≤ buyer's signed price ceiling

What the receipt carries

Buyer's canonical bind bytes + buyer Ed25519 sig (optional)
Operator's Ed25519 co-signature on the bind
Operator's ML-DSA-65 co-signature on the bind (3,309 bytes)
Provider's actual path + operator hybrid co-sig on the attestation
Savings calculation: actual_multiplier vs bound_multiplier

The bind envelope.

{
  "scheme": "pq-smsh-v1",
  "phase": "bind",
  "bind_id": "21da9615a73fdf99…",
  "buyer_did": "did:hive:buyer-acme",
  "depth_band": "D2",           // ceiling
  "model_class": "claude-3-haiku",
  "tool_allowlist": ["search", "calc"],
  "corpus_hash": "sha256:abc123…",
  "expiry_ms": 1814400000,
  "price_table_hash": "…",
  "operator_ed25519_sig": "…64 B…",
  "operator_ml_dsa_65_sig": "…3309 B…"
}
    

The over-band rejection.

If the provider declares anything that exceeds the buyer's signed bind, the server returns HTTP 409 with the explicit violations. There is no receipt to forge — the operator never produces one.

HTTP/1.1 409 Conflict
{
  "attested": false,
  "reason": "ceiling_violation",
  "ceiling_violations": [
    "depth_used D3 exceeds bound depth_band D2",
    "tokens_out 8000 exceeds band cap 4096",
    "tools not in allowlist: code"
  ]
}
    

Why this matters.

Inference costs match scope

A retrieval query is 200x cheaper than a frontier run. PQ-SmSH gives the buyer the contractual right to refuse to be billed for depth they did not authorize.

Forward-secret pricing

The price table is hashed into the bind. The provider cannot retroactively swap to a more expensive table — the bind would no longer verify.

Composable with SHOD + HAHS

PQ-SmSH binds depth. HAHS binds hire-time scope. SHOD binds the six payment gates. Three layers, one envelope, one verifier. Patent Pending · Filed 2026-05-08