Every clip leaves a receipt. Every likeness claim is signed.
A video-gen merchant on the Visa CLI mints one hive-vcr-1 receipt per clip. Likeness-rights posture, source-prompt hash, C2PA manifest hash, and rights class are co-signed before the clip finishes rendering.
The fields the operator co-signs before this call returns.
The operator signs every field below with ML-DSA-65, the government's post-quantum signature standard, and Hive signs it too. If a field is missing, that's not a default setting. It means the check failed. The merchant can't hand back a result without the receipt, and the receipt can't exist without these fields.
Video Generation · attestation fields
Three places this category needs a receipt yesterday.
Broadcast-grade provenance
A network that accepts generated B-roll gets the C2PA manifest and a Hive signature in the same package. You run two checks through one verifier.
Deepfake refusal at the operator
If the likeness policy says no, the operator won't sign. A clip that never gets signed never gets paid for. That's how the system enforces the rule.
Ad-platform compliance
Every clip uploaded to a paid surface carries its own proof, one a court can accept. The platform's policy team can check it offline.
One endpoint. One envelope. No Hive dependency in your inference path.
A video generation operator adopts hive-vcr-1 by adding the receipt package to its response and publishing a verification key. Hive's signature rides alongside the operator's own, off to the side. It never sits on the critical path. If Hive goes away, the operator's receipts still check out against the operator's own key.