Visa CLI · Receipt-on-file fleet

Card-on-file settles the dollar. Receipt-on-file settles the proof.

The Visa Commerce Layer for Intelligence turns any AI endpoint into a Visa-rails merchant. The Visa CLI Receipt, called hive-vcr-1, makes that merchant call provable, admissible in court, and portable. Ten reference categories. One open spec. MIT-licensed. Drop-in for any merchant endpoint, today.

10 categories · 30+ reference vendors · ML-DSA-65 · FRE 902(13) to (14)
The pattern, in one breath

Visa moves the money. Hive moves the proof. The two close the same loop.

An AI merchant on the Visa CLI accepts a Visa-rails authorization for an x402 or MPP call. Before that call returns, the operator co-signs a Visa CLI Receipt: prompt hash, output hash, model class, region, training-data posture, license tier, and the Visa authorization reference. The receipt is portable. It can be checked offline. It stands up in court without us. Card-on-file and receipt-on-file are the same loop, closed in different lanes.

Reference fleet · 10 categories

Every endpoint the Visa CLI is likely to onboard, already in receipt form.

Each tile is a category, not a single vendor lock-in. Operators inside a category co-sign the same envelope shape. What changes is which attestation fields fire. This is the surface area we're shipping receipt coverage for first.

Category

Image Generation

DALL-E · Midjourney · Stable Diffusion · Flux · Recraft

Per-image receipts. Prompt hash co-signed. Model + region + training-data class attested at the operator. Settles in USDC on Base.

envelopehive-vcr-1
settlementUSDC · Base
verificationoffline
Category

Music Generation

Suno · Udio · Stable Audio

Per-track receipts with rights-class attestation. Source-corpus and licensing posture co-signed before generation runs.

envelopehive-vcr-1
settlementUSDC · Base
verificationoffline
Category

Proprietary Datasets

Bloomberg · S&P · Reuters · Crunchbase

Per-query receipts that record license-tier, redistribution-class, and seat-binding. License agreement hash signed into the envelope.

envelopehive-vcr-1
settlementUSDC · Base
verificationoffline
Category

LLM Inference

OpenAI · Anthropic · Mistral · Cohere · DeepSeek

Per-call receipts. Region, hardware-class, training-region, and prompt-redaction posture co-signed before tokens flow.

envelopehive-vcr-1
settlementUSDC · Base
verificationoffline
Category

Code Generation

GitHub Copilot · Cursor · Replit

Per-suggestion receipts. License-class of training corpus, repo-binding, and copyleft-exposure flags attested at the operator.

envelopehive-vcr-1
settlementUSDC · Base
verificationoffline
Category

Video Generation

Sora · Runway · Pika · Luma

Per-clip receipts. C2PA-aligned provenance plus Hive countersignature. Likeness and rights posture attested before render.

envelopehive-vcr-1
settlementUSDC · Base
verificationoffline
Category

Voice / TTS

ElevenLabs · PlayHT

Per-utterance receipts. Voice-print consent class and likeness-rights attested before synthesis runs.

envelopehive-vcr-1
settlementUSDC · Base
verificationoffline
Category

Embeddings · Vector

Pinecone · Weaviate · Cohere

Per-batch receipts. Index-region, retention, and corpus-class co-signed. Drop-in for RAG pipelines that need an admissible trail.

envelopehive-vcr-1
settlementUSDC · Base
verificationoffline
Category

Search · Retrieval

Brave · SerpAPI · Exa

Per-query receipts. Source-class and freshness-window attested at the operator. Citation chain co-signed into the envelope.

envelopehive-vcr-1
settlementUSDC · Base
verificationoffline
Category

Compute · GPU

Modal · Replicate · RunPod

Per-job receipts. Hardware-class, region, isolation-class, and duration co-signed. The job ran where the receipt says it ran.

envelopehive-vcr-1
settlementUSDC · Base
verificationoffline
Open, not locked in

hive-vcr-1 is MIT. The mint is public. The verifier is one binary.

A merchant can adopt the receipt envelope without taking on a Hive dependency. There's no SDK that has to run inside your inference path. The envelope is a 30-line JSON object. The signature is ML-DSA-65 (NIST FIPS 204). The verifier is a 200-line reference implementation we've published. Read the spec, then mint one against a live endpoint to see the round trip.

Four primitives · the substrate underneath

What a Visa CLI authorization doesn't prove on its own.

A Visa CLI authorization is a payment primitive. It proves a charge was authorized on the merchant's rails. On its own, it doesn't prove what the merchant did with the call, where the call ran, what the call returned, or whether the artifact holds up as evidence. The four primitives below close that gap. Each one ships natively in the receipt envelope, and each one is genuinely hard to build into a payment-rail stack.

PRIMITIVE 01

The operator co-signs right at the inference boundary.

The authorization proves the charge. The receipt proves the call. Prompt hash, output hash, model class, region, and rights posture get co-signed by the operator with ML-DSA-65 before the response returns. The operator sits inside the merchant's inference path; the rail doesn't. A payment network can't ship this, because a payment network that sits inside the inference path stops being a payment network.

PRIMITIVE 02

You can check it offline. No rail endpoint needed.

Checking a Visa CLI authorization means calling Visa. Checking a hive-vcr-1 receipt takes zero network calls: the verifier pins one public key and walks the signature. That matters because when a compliance team or a regulator wants to check a receipt, they don't want to depend on the rail being online, on the rail's uptime promises, or on the rail's data-retention policies. Evidence you can check offline beats a lookup that only works while the rail is up.

PRIMITIVE 03

It's built to meet FRE 902(13) to (14) admissibility.

A Visa transaction record gets into evidence the way any business record does: through a custodian, with foundation testimony, under the business-records exception. A hive-vcr-1 receipt authenticates itself under FRE 902(13) and 902(14). No custodian, no testimony needed. That's the difference between the rail testifying on the merchant's behalf in a lawsuit and the receipt walking into court on its own. The rail can't be the self-authenticating source for a merchant's disputes. The receipt can.

PRIMITIVE 04

One envelope works across rails. Card-on-file or stablecoin-on-file, same proof.

The envelope is built so the payment-reference field carries whatever authorization belongs to the rail: card-on-file today, stablecoin-on-file tomorrow, whatever comes next. Same canonical format, same signature scheme, same verifier. A merchant who adopts hive-vcr-1 for one rail gets every other rail for free. The rail itself can't ship this, because it is, by definition, the rail. The substrate that survives a rail change is the one merchants will pick by default, which is exactly why a Visa CLI built on a rail-agnostic envelope ends up stronger, not weaker.

Posture

The outcome is public. The receipt doesn't ask you to trust Hive.

You can check the Visa CLI Receipt using public keys you pin once and never have to re-fetch. If Hive disappeared tomorrow, every receipt ever minted would still be checkable on its own, still admissible under FRE 902(13) to (14), and still acceptable to a Tier-1 auditor under the same standard as any other ML-DSA-signed evidence. This isn't a brand. It's a primitive.