Start free, self-host
forever, or let us run it.
Every cryptographic primitive and standards-conformance claim lives in the open-source release — Apache 2.0, free forever, reproducible offline. Cloud Free, Pro, and Enterprise add hosted operations on top of the same capabilities: managed Postgres, workers, webhooks, residency, SSO. You never pay to unlock crypto you could run yourself.
The complete attestation toolkit. Every cryptographic primitive and standards-conformance claim is here, reproducible offline. Run it on your own infrastructure.
- 47 MCP tools, full Python core + npm verifier
- Ed25519 / JCS / RFC 6962 Merkle, W3C VC + DID, UCAN
- Local SQLite storage
- Base L2 Sepolia testnet anchoring (BYO testnet ETH)
- Compliance MCP tools + GDPR Article 17 erasure
- Bundle import + export, CLI
The same OSS capabilities, run by us. One workspace, hosted Postgres, nothing to operate. The funnel step — start here, move to Pro when you outgrow the caps.
- Hosted dashboard, no database to run
- 1 workspace (capped usage)
- Up to 2 team members
- Sepolia testnet anchoring (100 / month)
- Bundle export (portability is a right)
- Community support
Not a checkout. Self-serve billing (Stripe for cards, Razorpay for UPI/INR) is coming as we finish the billing backend — until then we onboard you directly.
≈ ₹8,316/mo, billed in INR for Indian customers via Razorpay. Indicative — final INR set at checkout.
Production hosting with team management, webhooks, and mainnet anchoring. You pay us to run the operation — managed Postgres, workers, dispatcher — not for capability.
- Everything in Cloud Free, uncapped
- Up to 10 team members + RBAC
- Webhooks: 5 endpoints, HMAC + dual-sign rotation
- Base mainnet anchoring (pay-as-you-go gas)
- EU or US data residency
- Email + Slack support
Not a checkout. Self-serve billing (Stripe for cards, Razorpay for UPI/INR) is coming as we finish the billing backend — until then we onboard you directly.
For regulated operators with SSO, BYOK, residency, and SLA requirements. Custom legal and customer-funded compliance attestation packs.
- Everything in Pro, unlimited
- SSO / SAML / SCIM + custom roles
- Custom residency (India, Middle East, country-specific)
- BYOK — HSM / KMS signing keys
- Cold archive (R2/S3, 7-year), dedicated workers, SLA
- DPA / BAA + customer-funded SOC 2 / ISO 42001 packs
Pro is $99/mo per workspace; the agreed launch target. Enterprise is priced per deployment — SSO, BYOK, residency, SLA, and DPA scope drive the quote. Self-serve checkout (Stripe + Razorpay) is launching soon; we onboard directly until then.
Nine things that never move
into a paid tier.
This is the line we hold. No feature is removed from OSS to drive a cloud upgrade — paywalls exist only on operational scale (managed uptime, SSO config, BYOK HSM, SLA). The capability is always shippable by self-hosters.
What ships in each plan.
| Capability | OSS | Cloud Free | Cloud Pro | Cloud Enterprise |
|---|---|---|---|---|
| Core capability (OSS — never paywalled) | ||||
| Python core + npm verifier | ✓ | ✓ | ✓ | ✓ |
| MCP server (47 tools) | ✓ | ✓ | ✓ | ✓ |
| Framework integrations (LangChain, OpenAI Agents, CrewAI) | ✓ | ✓ | ✓ | ✓ |
| Ed25519 signing, JCS, RFC 6962 Merkle | ✓ | ✓ | ✓ | ✓ |
| W3C VC / DID, UCAN delegation chains | ✓ | ✓ | ✓ | ✓ |
| Compliance MCP tools (Annex IV, Art 47, conformity record) | ✓ | ✓ | ✓ | ✓ |
| GDPR Article 17 erasure tooling | ✓ | ✓ | ✓ | ✓ |
| Bundle import | ✓ | ✓ | ✓ | ✓ |
| Bundle export (portability is a right) | local | ✓ | ✓ | ✓ |
| CLI (serve, verify-chain, import, export, list) | ✓ | ✓ | ✓ | ✓ |
| Storage & anchoring | ||||
| Local SQLite storage | ✓ | — | — | — |
| Hosted Postgres (no DB to run) | — | ✓ | ✓ | ✓ |
| Base L2 Sepolia testnet anchoring | ✓ | 100 / mo | ✓ | ✓ |
| Base mainnet anchoring (pay-as-you-go gas) | — | — | ✓ | dedicated cadence |
| Hosted operations | ||||
| Hosted dashboard (app.attestix.io) | — | ✓ | ✓ | ✓ |
| Workspaces | self-host | 1 | 1 + add-ons | unlimited |
| Team members + RBAC | self-host | 2 | 10 | unlimited |
| Webhooks dispatcher (HMAC-signed, retried) | self-host | — | 5 endpoints | unlimited |
| Standard data residency (EU or US) | self-host | ✓ | ✓ | ✓ |
| Support | community | community | email + Slack | + dedicated CSM |
| Enterprise controls | ||||
| SSO / SAML / SCIM | — | — | — | ✓ |
| Custom roles + per-route permissions | — | — | — | ✓ |
| Custom residency (India, Middle East, country-specific) | — | — | — | ✓ |
| BYOK — HSM / KMS signing keys | — | — | — | ✓ |
| Audit cold-archive (R2/S3, 7-year retention) | — | — | — | ✓ |
| Dedicated worker pool + SLA (99.9%) | — | — | — | ✓ |
| DPA / BAA / custom legal | — | — | — | ✓ |
| Customer-funded SOC 2 / ISO 42001 attestation packs | — | — | — | ✓ |
"self-host" means the capability exists in OSS for you to run yourself — the Cloud tiers run it for you. Derived from the canonical tier matrix; if a row is not here, it is not yet a committed public claim.
Honest answers.
Yes. Attestix OSS is Apache 2.0 and self-hosted. Every cryptographic primitive and standards-conformance claim lives in the open-source release and is reproducible offline. Nine capabilities are committed to never move into a paid tier — they are listed above. The Cloud sells hosted operations, not capability.
They run the same capabilities. With OSS you operate the database, workers, and dispatcher yourself. Cloud Free runs all of that for you — hosted Postgres, one workspace, nothing to manage — capped so you can try the hosted path before moving to Pro. No feature is removed from OSS to drive the upgrade; you pay Cloud for the operational labour, not for access.
Self-serve checkout — Stripe for international cards, Razorpay for INR/UPI for Indian customers — is being built as we finish the billing backend. Until it ships, we onboard Pro and Enterprise customers directly: pick "Notify me" or "Contact sales" and we reply within one business day. There is no checkout button that does not work yet — that is deliberate.
Always, on every tier including Cloud Free. Portability is a right, not a paid feature. OSS runs attestix export; Cloud exports the same wire format. See the bundle wire-format spec and verify any bundle offline with the verifier.
No. Sepolia testnet anchoring is free everywhere (you bring your own testnet ETH). Base mainnet anchoring is pay-as-you-go gas, available on Cloud Pro and above. Mainnet schema registration is planned; today the spec targets Base Sepolia (chain 84532).
Attestix is evidence tooling, not a guarantor of compliance. The provider of an AI system remains liable under EU AI Act Articles 16–22; Attestix produces the cryptographic evidence — identity, credentials, hash-chained audit trail, conformity records — that supports your own assessment. Compliance attestation packs (SOC 2, ISO 42001) on Enterprise are customer-funded and scoped per engagement, not a shipped certification.