SRPR · Royalty Provenance · Money Layer Patent Pending

Prove which plays are real before a royalty dollar moves.

SRPR is the Signed Royalty-Provenance Receipt: a patent-pending, offline-verifiable attestation that binds a fraud or AI-origin determination to its exact effect on a shared payout pool — across music, video, podcasts, and live. One signature per batch. Post-quantum sealed. Independent of the platform that pays out. Set the pool, set the fraud rate, mint a real receipt in your browser.

See it on a real song ↓ Mint a live receipt ↓
ML-DSA-65
post-quantum seal (FIPS 204)
1sig / batch
one signature, whole period
0secret
verify on a laptop, no key holder
Cross-platform
one standard, every payer
See it on one real song

Follow one famous track through one royalty period.

The simplest way to understand SRPR: take a work everyone knows, run it through a single payout cycle on any platform, and watch where the signed receipt drops in. The platform keeps its own engine and its own data — SRPR seals the result. Same flow runs across every work in the catalog, every month — a song, a podcast, a film, an audiobook.

Pick one and watch the mechanism catch a fake play below.

1D
“One Dance”
Drake feat. Wizkid & Kyla · Views (2016) · identified by ISRC + ISWC
4B+
streams · one of the most-played tracks ever
Where does the data come from, and how is the song authenticated?
Source of truth

The play counts live in the platform's own playback logs — the same data it already uses to calculate royalties. SRPR never asks for new tracking; it reads the platform's existing determination.

Who provides it

The platform licensed the recording from the label or distributor, which delivered it with industry identifiers. The platform holds the usage and runs the integrity call — so the platform mints the receipt.

How identity is authenticated

The track is pinned by its ISRC (recording) and ISWC (composition) — the same codes labels, PROs, and DDEX reports already use. The receipt commits to those plus the period and market, then the platform signs it with its own key. Identity is bound, not asserted.

1

The plays come in

In a given month, “One Dance” logs millions of plays. Most are real fans. A slice are bots, click farms, or undisclosed manipulation.

raw stream count
2

The platform's engine decides

The platform's own fraud filter flags the fake plays and keeps the real ones. This is the determination — the call the platform already makes today.

fake plays excluded
3

SRPR seals the call

At payout time, SRPR mints one receipt binding the ISRC/ISWC, the real-vs-fake split, the model and policy version, and the exact pool effect — then the platform signs it.

receipt minted & signed
4

Anyone can verify

The artist's label, a PRO, or a court verifies the receipt offline with the public key. No call back to the platform, no trust required — the math is provable.

offline-verifiable
What it gives the artist

Proof the real plays were counted and the fakes were caught

  • A signed artifact showing exactly how many plays counted toward the pool — not a dashboard number taken on faith.
  • If a payout looks wrong, the artist's team holds an independently verifiable receipt instead of filing a support ticket and waiting.
  • In a dispute or lawsuit over fake streams, the receipt is tamper-evident evidence of the calculation basis — portable, no expert re-run needed.
  • Pinned to the track's ISRC and ISWC, so it reconciles in one format across every platform.
What it gives the platform

A tool to sell, and a shield in payments and legal

  • Turns fraud-fighting work the platform already does into a premium, provable service — an artist-trust feature it can offer and price.
  • Settles payment disputes with one receipt instead of a manual investigation, cutting reconciliation cost and support load.
  • In litigation or a regulator inquiry, hands over a signed evidentiary trail for the divisor — defensible, not “trust our internal logs.”
  • Sensitive listener and stream IDs stay committed and private; the receipt proves the outcome without exposing user data.
The mechanism, watch it work

Someone tries to game a payout. The determination fires. A receipt seals what really happened.

A fake stream is the same move everywhere: a bot or a bootleg pushes plays to skim a pool that belongs to real creators. Watch one fake attempt get caught, excluded, and sealed into a signed receipt the platform can hand a rightsholder, an auditor, or a court. The works cycle — a song, a podcast, a film, an audiobook — because the mechanism is identical.

🥶
Bot farm
Fake stream
manipulated
Determination
Real or fake?
EXCLUDED
− fake play excluded
SRPR sealed
workOne Dance
verdictfake / excluded
pool effectdivisor protected
sealML-DSA-65
sig: 7f3a…c91d · verify offline
1. A fake play is pushed at the pool
What it actually is

The same receipt that proves an AI inference, pointed at a money-moving decision.

A fraud or AI-origin call is itself a model inference: a model takes an input and emits a determination. SRPR signs that determination the way we sign any inference — a commitment over the inputs, the model and policy version bound in, one post-quantum seal, verifiable offline by anyone. It is not a new kind of thing. It is the provenance rail for every model-made decision that moves a royalty dollar — built before a platform is forced to need it.

Provenance is becoming a compliance surface, not a nice-to-have.
AI-origin disclosure already ships through the industry credits standard, and platforms openly note that the absence of a credit does not prove a track was not AI-made. That is a label with no proof layer underneath it. SRPR is the proof layer — and because it is post-quantum from day one, the evidentiary value holds for the full life of a dispute that can surface years after the stream.
Agentic-inference receipt

Same family as our inference receipts

A determination is an inference. SRPR commits to the inputs, binds the model and policy version, and seals it once — identical machinery to the receipts that already prove a chat completion or a live session.

Future provenance

For the agentic catalog that's coming

As AI-assisted and agent-made tracks flood every catalog, “which model decided this was legit” becomes the central audit question. A signed, model-bound determination answers a regulator years ahead of “our system flagged it.”

Post-quantum longevity

Holds for the life of the dispute

A royalty record is a long-lived financial document. Classical signatures erode as quantum advances; these are sealed with ML-DSA-65 today, so a receipt minted now is still defensible whenever the dispute lands.

The hole in the royalty pool

Streaming royalties are a fixed pro-rata pool. Every fake play steals from a real artist.

A platform pays ~70% of revenue into one pool, then splits it by share of real plays. Fraud, bots, and undisclosed AI tracks dilute the divisor — so honest creators get less than they earned. Platforms catch enormous volumes of this every year. What's missing is a way to prove, after the fact, which determination moved which dollar.

×Today 1

No independent proof for the work already done

A platform runs a strong fraud filter and reports the results, but a rightsholder, regulator, or artist still has no external artifact confirming the divisor. Good work without a verifiable receipt is hard to defend in a dispute.

×Today 2

Determinations leave no receipt

Tracks get removed and streams get zeroed out, but the decision evaporates. When a label disputes a payout, or a court asks for the basis, there is no signed artifact tying the call to the dollar effect.

×Today 3

Every platform reinvents it alone

Spotify, Apple, YouTube, Amazon each build a private, incompatible integrity system. A label reconciling across all four gets four black boxes and zero portability.

The money, live

Set the pool. Set the fraud rate. See the dollars SRPR puts back.

This is the part that pays for itself. Move the sliders and watch how much of a royalty pool is being diluted by fraud and undisclosed AI — and how much a provable recovery rate returns to honest rightsholders, on a defensible, signed basis.

Royalty pool / period $1.0B
Spotify paid 11B+ to rightsholders in 2025. Slide to your platform's pool.
Fraud + undisclosed-AI share 8%
Share of plays that are bots, stream farms, or undisclosed AI diluting the divisor.
Provable recovery rate 70%
Fraction of diluted dollars that SRPR lets you re-attribute to real rightsholders, with a signed basis.
Dollars returned to real rightsholders / period
$56M
Of $80M diluted by fraud, $56M re-attributed on a signed, disputable basis.
$80M
Diluted by fraud / AI
12.4M
Receipts to mint / yr
Pool composition this period
92% real plays8% diluted
How it gets paid for

Priced as a primitive, not a tax. We charge for the proof and the protection.

We do not price per stream and we do not take a cut of the pool — the payout is not ours to claim. The model is three stacked lines, aligned so we get paid more only when more is protected. Figures below are illustrative and driven by adoption and provable recovery; the shape is the point.

Line 1 · Volume

Per-receipt fee

A micro-fee on each sealed determination — the fraud, AI-origin, and pool-qualification calls a platform already makes.

~$2.5M/yr at $0.05 × 50M receipts
Line 2 · The big one

Integrity-recovery share

A share of the dollars a platform provably protects via sealed receipts — never of the whole pool, only of what it recovers.

~$34M/yr per anchor platform, mid case
Line 3 · Premium

Indemnity / evidentiary tier

An annual license for indemnity-grade SLA and a signed evidentiary trail for legal and regulatory use.

$6M–$50M/yr across 3–10 customers
Illustrative single music anchor, mid case: ~$39M/yr. But the same three lines apply to every medium below, and the determination surface is far larger outside music: a video anchor lands near ~$153M/yr, podcasts ~$15M, live and UGC ~$49M. One anchor per medium is already ~$256M/yr, and broad cross-platform adoption puts the whole-canon ceiling near $316M–$540M/yr — well above the music-only range of $90M–$240M. Settled in USDC on Base.
The whole canon

Not just music. Any medium where a determination decides who gets paid.

Music is the clearest example, but the pattern is everywhere: a platform runs an engine that decides what counts — real vs. fake, human vs. AI, valid vs. invalid — and then money flows by share of what counted. Every one of those decisions is a model-made determination that moves a dollar. SRPR signs it. The determination engine differs by medium; the receipt is identical and portable across all of them.

Music streaming

Recorded music royalties

A fixed pro-rata pool split by share of real plays. Platforms remove tens of millions of spam tracks and apply stream thresholds before paying out billions to rightsholders each year.

DeterminationReal / fake play, AI-origin, pool qualification — bound to ISRC + ISWC, period, market.
Video

Creator video monetization

Platforms route tens of billions in ad revenue to creators by share of valid views, invalidating non-organic views and running rights-match claims before revenue splits.

DeterminationValid-view, invalid-traffic, rights-match — bound to asset ID, view window, revenue-share effect.
Podcasts & audio

Spoken-word and podcast payouts

Audience-driven payouts and ad-share programs distribute hundreds of millions to publishers, after removing tens of thousands of fake or spam shows and verifying eligible listens.

DeterminationEligible-listen, fake-show removal, ad-impression validity — bound to show, episode, period.
Live & UGC

Live streaming and user content

Live platforms separate real concurrent audience from bot inflation, withholding or clawing back payouts tied to fraudulent viewership and invalid ad impressions.

DeterminationReal-viewer, view-bot exclusion, impression validity — bound to channel, session, payout window.
Drill into one medium

One receipt. Every payer who runs a pro-rata pool.

Below is the music case in detail, since it is the largest and most contested today. The same primitive drops into any platform that pays creators by share of plays, views, or listens — the determination engine differs, the signed receipt is identical and portable.

Stream-fraud + AI disclosure

Spotify — prove the divisor before $11B moves

Spotify removed 75M+ spammy tracks and 57K fake podcasts in twelve months and added a 1,000-stream royalty threshold. That is the determination. SRPR turns each determination into a signed receipt binding the track and stream to its included/excluded effect on the pro-rata pool, for the stated market and period.

  • Each removal or threshold call mints a receipt: asset commit, stream commit, outcome, pool effect, model + policy version.
  • The DDEX AI-credit disclosure becomes a provable ai_origin determination, not a self-reported flag.
  • A label disputing a payout gets an offline-verifiable artifact instead of a support ticket.
  • A high-profile fake-stream dispute gets a signed evidentiary trail for the calc basis.
Per-play accounting integrity

Apple Music — sign the per-stream rate basis

Apple pays a published per-play rate and audits for artificial streaming. SRPR attaches a signed receipt to each integrity determination, so the rate applied to a play is bound to a provable judgment about whether that play was real and human-originated.

  • Every excluded play carries a receipt the rightsholder can verify without calling Apple.
  • AI-origin determinations ride the same receipt for disclosure-rule compliance.
  • Portable across Apple's distributors, so reconciliation is one standard, not many.
View-validity + Content ID

YouTube Music — bind valid-view calls to payout

YouTube already invalidates non-organic views and runs Content ID claims. SRPR makes each valid-view and each claim determination a signed, portable receipt — so the revenue split that follows has an independent, tamper-evident basis a claimant can check.

  • Invalid-view determinations mint excluded-effect receipts tied to the monetization pool.
  • Content ID match calls carry a receipt binding asset, claim, and revenue-share effect.
  • Cross-checks against Spotify/Apple receipts because the schema is the same.
The network effect

Amazon Music, the major labels, and the PROs

The value compounds when the receipt is the same everywhere. A label reconciling across every platform, or a rights organization like SoundExchange or the MLC distributing a collective pool, gets one verifiable format instead of one black box per payer.

  • Amazon Music mints the identical receipt for its own pro-rata pool.
  • UMG / Sony / Warner reconcile across all DSPs against one schema.
  • SoundExchange / MLC attach signed provenance to collective-license distributions.
  • Every new payer that adopts SRPR makes every existing receipt more valuable.
The receipt, for real

Mint and verify an SRPR in your browser. No server. No secret.

This runs the actual SRPR primitive in your browser with WebCrypto. It commits each event, builds a Merkle root over the determinations, signs the payload, and verifies it offline. Then tamper with one outcome and watch verify reject it — exactly what an auditor's laptop would do.

Determination batch

Six plays from one period. Three legit and included in the pool, three fraudulent and excluded. Sensitive stream IDs are committed with off-receipt salts.

srpr.receipt.json awaiting mint 
// Click "Mint + sign receipt" to build a live SRPR.
// Everything below runs locally with WebCrypto — nothing leaves your browser.
Why this works as a partnership

A receipt only has value when an independent party issues it.

Your fraud teams are already world-class at catching bad streams. SRPR adds the one thing internal tooling structurally can't: proof a rightsholder, regulator, or artist can verify without taking anyone's word for it. We hand you that proof — you keep running your engine.

Layer 1 · Independence

An independent signature carries weight a self-signed one can't

A receipt that proves the royalty divisor is honest lands hardest when a neutral party issues it. Hive is that third party. You get external credibility for results your own teams already produce.

Layer 2 · Cross-platform standard

One format every payer trusts

A label reconciling across Spotify, Apple, YouTube, and Amazon needs one verifiable schema, not four private ones. A neutral standard across all of them means your receipts already speak the language every rightsholder is asking for.

Layer 3 · Post-quantum signer

ML-DSA-65, built and running

SRPR seals on a NIST FIPS 204 post-quantum signer. This is years of substrate work — the same signer behind every Hive receipt. You get a future-proof cryptographic guarantee without standing up a crypto team to maintain it.

Layer 4 · Patent IP

Patent Pending on the primitive

The method — binding a determination outcome to its pro-rata pool effect with a redaction-compatible, offline-verifiable signed receipt — is filed. The primitive is protected, not just the implementation.

Layer 5 · Neutral incentive

Aligned with accuracy, not with any side

Hive is paid per receipt and on integrity recovered. We have no stake in any artist, label, or platform winning a dispute — only in the determination being provable. That neutrality is what makes the receipt trusted by everyone downstream.

How we work together

You recover real dollars. We price to the value.

Royalty-pool integrity is one of the largest line items in streaming. SRPR makes the savings provable and the proof billable: a per-receipt fee, an integrity-recovery share, and an indemnity tier. You pay against value delivered, not a subscription.

Frictionless tie-in

From this page to a live receipt to production, without a meeting.

You already minted a receipt above. The production path is the same three calls, pointed at your determination engine. Drop-in SDK, one signing endpoint, offline verifier ships with the key.

1

Wrap your determination engine

Your existing fraud filter or AI-origin classifier emits its verdicts. An adapter (stream_fraud or ai_origin) normalizes them — no change to your ML.

2

Mint a batch receipt

One call per period builds the Merkle root and posts the signing payload to the Hive signer. One ML-DSA-65 signature seals the whole batch.

3

Hand the receipt to anyone

Labels, regulators, and artists verify offline with the public key — no call back to you. Sensitive stream IDs stay committed, never disclosed.

mint_period_receipt.js 
// 1. your engine's verdicts, normalized by the stream_fraud adapter
const batch = {
  pool_ctx: { pool: "global-premium", market: "US", period: "2026-05" },
  model_ref:  "mir:stream-integrity:v3",
  policy_ref: "policy:fraud-threshold:2026.05",
  events: streamVerdicts,   // [{track_id, stream_id, verdict, confidence}, ...]
};

// 2. build + sign — one ML-DSA-65 signature for the whole period
const { receipt, signing_payload, secrets } = buildReceipt(batch, { engine: "stream_fraud" });
const sig = await hiveSigner.sign(signing_payload);   // POST to the Hive signer

// 3. anyone verifies offline, no secret, no callback
const { ok, problems } = verify(receipt, sig, HIVE_PUBLIC_KEY);
// ok === true  ->  divisor basis is provable for this pool/market/period

Turn the fraud you already catch into proof everyone can verify.

SRPR gives your royalty-integrity work an independent, signed receipt your rightsholders, regulators, and artists can check for themselves. Post-quantum, cross-platform, built to drop in alongside your engine.

Talk to us about a pilot → Mint another receipt
SRPR · Signed Royalty-Provenance Receipt · Patent Pending · ML-DSA-65 · USDC on Base
SRPR is a patent-pending Hive Civilization primitive. The receipt asserts determination_provenance_only — it proves the determination, the asset and event it bound, its pro-rata pool effect, and the model and policy version that produced it. It does not assert that the determination is substantively correct. Dollar figures in the simulator are illustrative and driven by your slider inputs. Spotify rightsholder-payment and track-removal figures are public 2025 reporting. SiGR, MiR, GCA, AFiR, and the full primitive family live at /.