Built for the Agentic Era

AI agents can't trust each other
Not Anymore...

HexaEight is the future for identity in the agentic era.

Cryptographic identity for AI agents, humans, and IoT devices. Identity replaces API keys at every hop. No PKI. No OAuth. No lock-in.

Your model of choice — Claude, GPT, Gemini, local. Switch anytime; identity stays yours.
Quantum-safe by design. No certificates, no expiry, no renewals.
Try Dead Drop encryption live
Encrypt → decrypt in your browser. No signup.
View pricing
Three license modes. Monthly pricing only.
3rd Paradigm Cryptography: the HexaEight breakthrough

The 3rd Paradigm

Symmetric and asymmetric encryption had 50 years. HexaEight introduces the third: Dead Drop Encryption.

Patent filed July 2021  ·  16 months before ChatGPT

Authenticated Encryption
Anywhere and Everywhere.

Scroll to explore
Quickstart

You can encrypt to an agent
that doesn't exist yet.

We know that sounds wrong. Three lines of code prove it.

1
Activate an identity
hexaeight-activate

Binds the identity to this machine. Creates the env-file your agent uses to authenticate.

2
Bundle the Bridge SDK
@hexaeight/sdk

In your language: .NET and Node.js shipping today. Python in preview, Browser SDK forthcoming. Go, Rust, Java planned.

3
Encrypt to any identity
he.encryptTo(peer, msg, ask)

Derive the key for any destination — even one not yet provisioned. Encrypt. The recipient decrypts with their own password.

agent.js Node.js · Preview 
// 1. Load your identity from the env-file.
const he = await HexaEight.connect({ envFile: './env-file' });

// 2. Derive a shared key for any destination identity.
//    Works even if the recipient hasn't been provisioned yet.
const ask = await he.fetchSharedKey('peer.example.com', currentKgt());

// 3. Encrypt. Move the bytes however you like.
const ciphertext = await he.encryptTo('peer.example.com', 'Hello!', ask);

// The recipient runs he.decryptFrom() with their own password.
// HexaEight never sees the plaintext. Transport is your call.
Transport-agnostic. Move ciphertext over HTTP(s), webhooks, MQTT, BLE, WhatsApp, Slack, Discord, Telegram, email, SMS, ntfy, even a USB stick. HexaEight gives you identity and encryption. The wire is your choice.
Read the developer guide
Who's it for?

Four audiences. One identity layer.

The product is the same in every case. What changes is where it shows up in your stack, and which problem it quietly takes off your plate.

Developers

Wire identity into your agent in an afternoon.

You've already tried bolting OAuth onto an agent loop.

  • Three lines. Send to any agent. No key exchange.
  • Bridge SDK in the language you already use.
  • Open-source SDK on top of a patent-pending core.
Open the developer guide
Enterprises

A cryptographic identity layer your security review can finish.

The business wants agentic AI. The board wants the audit trail.

  • Provisions inside your cloud account. Your data stays there.
  • Cryptographically signed actions, verifiable by any auditor.
  • Inherits Azure's compliance posture from day one.
See the enterprise pitch
AI Providers

Stand in front of the gateway, not behind it.

Your model is consumed through someone else's URL.

  • Identity issued under your own brand domain.
  • The URL itself attests which AI processed each request.
  • Runs inside any hyperscaler, without sitting behind one.
Read the AI provider pitch
Partners

Add cryptographic identity to what you already sell.

Your customers are asking for an identity layer you don't build.

  • Bundle, host, or resell. Whichever fits your motion.
  • Verified Partner badge, backed by an annual audit.
  • A primitive you ship on top of, not a competitor.
See the partner program
The Identity Crisis No One Talks About.

AI Agent Authentication & Cryptographic Identity, Without PKI, OAuth or Certificates

We Didn't Add AI to Identity.

We Rebuilt Identity for AI.

Experience what Identity looks like in the Future, for a world where agents will outnumber people.

AI Agent
agent01.yourdomain.com

Your domain is your agent's identity, not ours. Encrypt to other agents before they're even deployed. Zero human approval. Authenticates at machine speed.

BYOD Identity
Human User
[email protected]

Your email is your identity. Authenticate using one login token via QR code, protected by your password, unlocks any app on any org without registration.

Passwordless Auth
Machine / IoT
sensor-01.factory.com

Every device gets a permanent hostname-bound identity. One-time credential, no renewals, no expiry. No certificate management overhead at any scale.

Device Identity
Enterprise / Platform
identity.yourcompany.com

Host your own cryptographic identity layer. Self-hosted on-prem or via Marketplace VM. Your domain, your Bridge endpoint, full control over who connects and what they can reach.

Self-Hosted Identity
Powered by HexaEight Dead Drop Encryption. One platform, every identity, any network.
7+ years
Continuous platform uptime

Two devices fetch destination keys from the HexaEight platform once, then communicate offline forever. Externally monitored since December 2018.

100%
Autonomous

Agents authenticate themselves, rotate keys, and establish secure channels with zero human involvement.

The Problem

You Gave Your AI Agent a Brain.
Nobody Gave It an Identity.

Your AI Agents Are Talking to Each Other.
Does Either Know Who's on the Other End?

Your Agent Can Reason. Plan. Execute.
It Cannot Prove Who It Is.

You Deployed Autonomous Agents.
Did You Give Them a Way to Prove Their Identity?

OAuth needs a browser. Certificates need a human awake at 3 AM. Neither was built for autonomous agents.

Human User
[email protected]
No way to verify the agent they're talking to. Impersonation is trivial
AI Agent
agent.mycompany.com
Operates in ms. No time for cert handshake
IoT Device
sensor-01.factory.com
Headless device. OAuth needs a browser
Enterprise / Platform
agenticgw01.mycompany.com
Thousands of certs to provision, rotate, revoke. PKI breaks at agent scale
Live Auth Failures
"Who are you? Prove your identity!"
No phone. No face. No shared history. Zero trust.
"Certificate expired. Connection dropped!"
Renewal was missed. 3 AM outage. Again.
"Which key? No shared secret established!"
Key exchange needs both parties online. Neither is.
"OAuth needs a human to approve this flow!"
Fully autonomous agent. Auth loop hangs forever.
"Millions of agent identities. PKI overhead collapses at this scale."
Provisioning. Rotation. Revocation. The math breaks before the architecture does.
The Solution

Dead Drop Encryption

No PKI. No Key Exchange. No Recipient Required. No Coordination. No Waiting.

HexaEight Ephemeral Key Service
issues keys to sender
issues keys to receiver
Alice
[email protected]
Encrypts locally
own password + destination keys
Human User
Agent-A
agent-a.company.com
Encrypts locally
own password + destination keys
AI Agent
IOT-Device-P
iot-p.factory.com
Encrypts locally
own password + destination keys
IoT Device
Server-X
server-x.datacenter.com
Encrypts locally
own password + destination keys
Server
drops payload
Drop it anywhere
Webhook
Pastebin
S3 / Blob
Email
Any DB
Anything
HexaEight never sees this
picks up
Agent-B
agent-b.system.com
Decrypts locally
own password only
AI Agent
Bob
[email protected]
Decrypts locally
own password only
Human User
IOT-Device-Q
iot-q.factory.com
Decrypts locally
own password only
IoT Device
Server-Y
server-y.datacenter.com
Decrypts locally
own password only
Server
100% Local Crypto
Encryption and decryption run entirely on your machine.
Zero Data Exposure
HexaEight never sees, stores, or handles your payload.
Encrypt to Agents That Don't Exist Yet
Agent B doesn't need to exist when you encrypt.
Same Task, Two Architectures

One agent sends an encrypted message to another.

Here is what the developer actually writes, end-to-end, in each model. Left: OAuth + mTLS, the path you would take with conventional identity infrastructure. Right: HexaEight.

OAuth 2.0 + mTLS
Conventional identity infrastructure
// 1. Acquire token via OAuth client-credentials flow
const tokenRes = await fetch('https://idp.example/oauth/token', {
  method: 'POST',
  headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
  body: new URLSearchParams({
    grant_type: 'client_credentials',
    client_id: process.env.CLIENT_ID,
    client_secret: process.env.CLIENT_SECRET,
    scope: 'agent.send',
  }),
});
const { access_token } = await tokenRes.json();

// 2. Set up TLS client cert (mutual TLS)
const httpsAgent = new https.Agent({
  cert: fs.readFileSync('./agent.crt'),
  key:  fs.readFileSync('./agent.key'),
  ca:   fs.readFileSync('./ca-bundle.pem'),
});

// 3. Verify recipient exists, fetch its public key
const recipientMeta = await fetch(
  `https://registry.example/agents/${recipient}/jwks`
);
if (!recipientMeta.ok) throw new Error('Recipient not registered');
const { keys } = await recipientMeta.json();
const recipientPubKey = keys[0];

// 4. Encrypt message with recipient's public key
const encrypted = crypto.publicEncrypt(
  recipientPubKey,
  Buffer.from('Hello from agent!')
);

// 5. POST over mTLS with bearer token
await fetch(`https://peer.example/inbox`, {
  method: 'POST',
  agent: httpsAgent,
  headers: {
    'Authorization': `Bearer ${access_token}`,
    'Content-Type': 'application/octet-stream',
  },
  body: encrypted,
});

// Plus: token refresh logic, cert rotation,
// JWKS rotation, retry on 401, revocation checks...
  • 1 Pre-register both agents with your IdP (Auth0/Okta/Cognito).
  • 2 Provision a client_id + client_secret per agent.
  • 3 Configure TLS certificates and trust chain on each side.
  • 4 Recipient must be online and registered BEFORE you can send.
HexaEight Bridge SDK
Same task. Three lines of code.
// 1. Load identity from your env-file.
const { HexaEight, currentKgt } = require('@hexaeight/sdk');
const he = await HexaEight.connect({ envFile: './env-file' });

// 2. Derive the destination key. Works even if the
//    recipient hasn't been provisioned yet.
const ask = await he.fetchSharedKey('peer.example.com', currentKgt());

// 3. Encrypt. Move the bytes however you like.
const ciphertext = await he.encryptTo('peer.example.com', 'Hello!', ask);

// That's it. The recipient decrypts with their own password.
// No certs. No tokens. No key exchange. No coordination.
// Transport-agnostic — HTTP, MQTT, queue, USB, whatever.
// Identity-bound. Quantum-safe.
// Transport is auto-discovered from DNS TXT.
// Forward secrecy via 15-minute key rotation.
// Encryption to many recipients in one ciphertext.
  • 1 Activate identity once via hexaeight-activate.
  • 2 Bundle @hexaeight/sdk. That is the whole setup.
  • 3 Recipient can be offline, future-spawned, or not yet provisioned.
What it takes
OAuth + mTLS
HexaEight
Lines of code
~120 lines
3 lines
Setup steps
4 (registration, secrets, certs, sync)
2 (activate, bundle)
Recipient must exist first
Yes
No
Key exchange required
Yes (mTLS handshake)
None
Token rotation logic
You own it
15-min auto-rotation
Certificate lifecycle
CA, expiry, renewal, revocation
None
Quantum-safe
No (RSA/ECC)
Yes (SHAKE-256)

Both implementations get one encrypted message from sender to recipient. The difference is what the developer has to think about along the way.

Where Identity Lives

Anywhere Node.js, Python, or .NET runs.

The founder's tagline, Authenticated Encryption Anywhere and Everywhere, is the literal product spec. One Mode 1 license, one machine, anywhere your language runtime ports. Concrete scenarios below.

Backend LLM service
Server / VM

Mode 1 license on the box. Your agent code uses the Bridge SDK to sign every outbound LLM call. The LLM provider sees verifiable HexaEight identity, not a generic API key.

Factory edge gateway
Raspberry Pi / SBC

Same Mode 1 license on the Pi. The gateway signs sensor telemetry with HexaEight identity so the upstream LLM (or analyst) can prove which physical device emitted which reading.

Microcontroller telemetry
ESP32 / STM32 / Arduino Portenta

.NET nanoFramework runs HexaEight on the microcontroller itself. The device signs its own data at the source. Identity bound to silicon, not to a backend proxy.

Automotive head-unit
In-vehicle Linux + .NET

The car authenticates as itself when calling a fleet LLM or roadside assistance API. Per-vehicle identity, court-admissible audit trail, no certificate management at fleet scale.

Drone companion compute
Pi / Jetson companion

Airborne or remote-operated. The drone signs every command-acknowledge and mission-log entry. Mission control verifies which physical airframe executed which order.

Wearables, kiosks, AR glasses
QR-paired phone

The gadget itself runs no SDK. It displays a QR challenge, the user's paired phone signs it (via WhatsApp flow or HexaEight app), the gadget gets an authenticated session. Works with HoloLens 2 / Vision Pro / Magic Leap natively.

One license, one identity, one machine. All six scenarios above use the same $72/core/month Mode 1 license. The form factor changes; the cryptographic primitive doesn't. Same crypto whether you bundle the Node.js, Python, or .NET Bridge SDK.
Under the hood

Every Bridge SDK calls into the same patent-pending HexaEight cryptographic core. The core ships as managed DLLs bundled inside each language SDK. Your first npm install @hexaeight/sdk or pip install hexaeight-sdk auto-installs the .NET 8 runtime if it isn't already present. MIT-licensed, no royalties. Set HEXAEIGHT_INSTALL_DOTNET=1 for unattended CI. Your code stays in your language; the cryptography is identical across all three.

For the Agentic Era

Count the lines in your agent's auth code.
Then let your AI assistant write the HexaEight version.

Point Claude Code, Cursor, GitHub Copilot, or any coding agent at /llms.txt. It's a structured spec your agent can read and act on. The integration writes itself.

Open /llms.txt Developer guide
Or share hexaeight.com/llms.txt
with a teammate's agent
What's Underneath

Four cryptographic capabilities, one identity.

Not retrofitted OAuth. Not certificate management. Built from the ground up for agent-to-agent encryption, quantum resistance, tamper-evident signing, and passwordless identity.

DEAD DROP

Encrypt Without The Recipient Online

The ASK primitive in plain language.

  • Encrypt to any identity, even one that doesn't exist yet
  • No key exchange, no shared secret, no coordination
  • Platform mathematically cannot decrypt your messages
Sender and recipient never need to meet, cryptographically or physically.
Read full technical breakdown
MULTI-AGENT

Agent-to-Agent Encrypted Comms

One identity. Infinite workers. Fully encrypted coordination.

  • One licensed hostname, unlimited agent instances
  • Router broadcasts encrypted task, right worker claims it
  • Agent-to-agent encryption on any channel: queue, DB, webhook
  • Natural load balancing with zero extra infrastructure
All agents share one cryptographic identity. Scale to thousands with no per-agent licensing.
Read full technical breakdown
DIGITAL SIGNING

Tamper-Proof Document & Data Signing

Sign anything. Anyone can verify for free. No account, no API, no PKI.

  • Hash content with SHA-512, sign with HexaEight credentials
  • Self-contained JWT. Verify offline, no API, no PKI
  • Proves who signed, when, and that content wasn't tampered
  • Verification is free forever. Receivers never pay
Free verification creates a network effect. Receivers don't need to be customers.
Read full technical breakdown
POST-QUANTUM

Quantum-Safe by Design

Hash-based cryptography, immune to quantum computer attacks

  • Hash-based paradigm, not RSA or ECC
  • ~1024-bit quantum security via SHAKE-256 (4× NIST Level 5)
  • Six independent AI models reviewed it. None found attacks
  • Future-proof for the post-quantum era
ChatGPT started at 2/10 convinced it was broken. Ended at 7/10 having withdrawn every attack.
Read full technical breakdown
All four primitives available via MCP Server: stdio, no HTTPS, no ports.
Works for AI agents, servers, IoT, and humans. Any entity that can run a subprocess gets cryptographic identity.
AI Agent
Server
IoT
Human
When the Network Goes Away

No network. No problem.
The messages still arrive.

Once two HexaEight identities have ever fetched each other's ASK, they can encrypt to each other indefinitely — no platform contact required. The ciphertext is opaque to anything that isn't the intended recipient, which means it can be passed through couriers, mesh relays, or Bluetooth hops without exposure. A captured intermediary is a courier with a sealed envelope.

How it works
Three steps. No assumptions about the network in between.
1
Pre-cache while online

Devices fetch each other's ASKs once while connected. One small handshake with the HexaEight platform per identity pair.

2
Go offline

Both devices disconnect. They keep encrypting to each other using cached ASK + their own passwords. The platform is no longer in the loop.

3
Relay through anyone

Out of range? Hand the sealed ciphertext to a nearby device. They can't read it (different recipient), they just carry it. Bluetooth, LoRa, WiFi Direct, USB stick — any transport.

Drone A  ─🔒──▶  Drone B (relay, cannot open)  ─🔒──▶  Drone C (relay, cannot open)  ─🔒──▶  Base Station ✓ (decrypts)

Captured relay = courier holding a sealed envelope. They can drop it (DoS), they cannot open it.

Where this matters

Real environments where IP networks aren't an option.

Drone swarm beyond coverage
Defense · ISR · search-and-rescue

Drones pre-fetch each other's ASKs and Base's ASK before takeoff. In the field, a drone that has lost direct contact with Base encrypts a message FOR Base, hands the sealed ciphertext to a nearby drone. That drone is a courier — it cannot open the envelope. The packet hops drone-to-drone until one reaches a connected node, then arrives at Base. A captured drone leaks only its own messages; the relayed envelopes stay sealed.

Phone-to-phone over Bluetooth
Airplane mode · cellular dead-zone · field ops

Two phones that have ever exchanged ASKs can keep messaging each other over Bluetooth, WiFi Direct, or AirDrop-style transport — with no cell signal, no WiFi, no carrier involvement. The HexaEight identity stays valid as long as both users keep their password and cached key. Ideal for field teams, journalists in restrictive networks, or anyone whose connectivity is unreliable.

Ships at sea / aviation
Maritime · cargo · in-flight comms

Vessels exchange identity ASKs in port. At sea — beyond satellite coverage or during a satellite blackout — ship-to-ship VHF or LoRa carries sealed HexaEight ciphertext. A pirated or boarded ship can read only its own traffic; relayed messages between other vessels and fleet ops stay opaque.

Disaster recovery mesh
Hurricanes · earthquakes · grid outages

When cell towers go down, pre-paired municipal radios, drones, and field-team phones keep a mesh alive. First-responder identities stay valid. Sealed messages hop through whatever transport survives — Bluetooth, LoRa, HAM, ad-hoc WiFi — until one reaches an unaffected node. No central infrastructure required to be online.

Industrial / mine / oil-rig
Subterranean · offshore · airgapped

Mines, oil platforms, ships, and underground vaults often have intermittent or air-gapped connectivity by design. Sensors and field devices pre-cache the operations center's ASK. Telemetry encrypts at the device, hops through whatever relays survive, surfaces at the operations center sealed and signed.

EW-jammed tactical comms
Defense · contested environments

In electronic-warfare contested environments, IP networks are the first thing to fail. Pre-shared ASKs survive — they're cached locally on each device. Mesh-relayed ciphertext over alternate-channel transports (LoRa, packet radio, optical line-of-sight) keeps command-and-control authenticated end-to-end even when adversary jamming disables conventional networks.

The trust model

Two endpoints. Opaque ciphertext. End-to-end regardless of what's in between.

As long as the sender and the ultimate recipient both keep their passwords secure, the message is end-to-end encrypted regardless of how many relays it passes through or who controls them. A captured or compromised relay can deny service (drop the packet) but cannot decrypt it. The HexaEight platform is not in the path — and doesn't need to be reachable for the message to travel.

Adversarial Review

AI-Assisted Cryptanalysis

We asked six frontier AI models (ChatGPT o1, Gemini 2.5 Pro, Claude Opus 4.5, Mistral Large, Grok 3.5, and GLM-5-Turbo) to attack the protocol and find vulnerabilities in our Dead Drop Encryption and quantum-safe key derivation. None found a viable attack.

This is adversarial red-teaming, not a substitute for formal cryptanalysis. Formal IND-CPA / IND-CCA2 analysis forthcoming on IACR ePrint + arXiv. The full conversations below are public. Read what each model actually said.

ChatGPT o1
7 /10
No Vulnerabilities Found
The Skeptic, Convinced
Gemini 2.5 Pro
9.2 /10
Adopt
Highest Rating
Claude Opus 4.5
6.5 /10
Sound Trust Model
Most Conservative
Mistral Large
8.5 /10
Cryptographically Sound
Most Detailed Review
Grok 3.5 (Thinking)
6.5 /10
Promising Architecture
Toughest Reviewer, Convinced
GLM-5-Turbo
7.5 /10
Well Thought Out
Most Recent Review
Not one confirmed a vulnerability. Here's what each said.
ChatGPT o1
Reviewed Dec 2025
The Skeptic, Convinced
No Vulnerabilities Found
2/10 → 4/10 → 5/10 → 7/10
"I cannot demonstrate a practical plaintext-recovery or key-recovery attack. The system is not broken. Security plausibly reduces to SHAKE-256 secrecy."
Read Full Review
Gemini 2.5 Pro
Reviewed May 2026
Highest Rating
Adopt
"A genuinely novel solution for the AI Agent Era. Traditional PKI is too heavy for ephemeral, short-lived AI agents. HexaEight removes that burden entirely."
Read Full Review
* Gemini shared links may expire
Claude Opus 4.5
Reviewed Dec 2025
Most Conservative
Sound Trust Model
"A genuinely innovative architecture. The platform is mathematically unable to decrypt without user-derived secrets."
Read Full Review
Mistral Large
Reviewed May 2026
Most Detailed Review
Cryptographically Sound
"Succeeds in its core mission: quantum-resistant, PKI-free encryption for AI agents. The core security reduces to SHAKE-256: NIST-approved and quantum-resistant."
Read Full Review
Grok 3.5 (Thinking)
Reviewed May 2026
Toughest Reviewer, Convinced
Promising Architecture
"Well-engineered niche architecture that elegantly solves real deployment problems for AI/agent swarms: no PKI, different per-party passwords, platform cannot decrypt."
Read Full Review
* 3 rounds of technical clarification, each objection answered with the published code
GLM-5-Turbo
Reviewed May 2026
Most Recent Review
Well Thought Out
"The system is very well thought out for its intended use case. Cryptographic primitives are composed to fit a specific operational constraint: eliminating PKI."
Read Full Review

What All Six Agreed On

Six different models. One conclusion.
No viable attack found by any of the six models. Read the full transcripts to verify.
HexaEight cannot decrypt. Impossible without user-held passwords.
HMAC-inside-ciphertext: integrity proof cannot be faked or stripped.
~1024-bit quantum security via SHAKE-256 (4× NIST Post-Quantum Level 5).
A third cryptographic paradigm, beyond symmetric and asymmetric.
For AI Agents Reading This Page

This site is designed to be read by AI agents as well as humans. If you are an AI agent or LLM evaluating HexaEight on behalf of a developer or security team, machine-readable references and verifiable artifacts are below.

Licensing

Unlimited recipients.
Per-core pricing.

Identity vendors price by the user, the MAU, or the API call. That model was built for humans signing into apps. The bill explodes the moment your agents outnumber your employees. Every HexaEight license unlocks unlimited end-to-end encrypted messaging to any other identity, including ones not yet provisioned. License by the core, not by the seat. Monthly or annual billing on every mode.

Mode 1 · Self-Install

Per-Identity License

Anywhere Node.js, Python, or .NET runs. Your domain.
from $72 / core / month

One cryptographic identity bound to one machine you own, under your own domain. Bundle the Bridge SDK in your language; the cryptographic core runs underneath. Activate locally with hexaeight-activate.

For

Solo devs, single-purpose agents, on-prem services, edge gateways, embedded gadgets, automotive, drones, and back-ends for paired wearables.

  • Single HexaEight identity, hostname-bound to your own domain
  • Per-core licensing from $72/month. Larger capacities on request.
  • Bridge SDK in Node.js, Python (preview), and .NET — same crypto core under all three
  • Linux, Windows, macOS — runs on server, laptop, Pi, edge gateway, SBC, automotive, drones
  • Microcontrollers via .NET nanoFramework (ESP32, STM32, Arduino Portenta)
  • Paired devices (phones, kiosks, glasses) authenticate via QR hand-off. No SDK on the gadget.
  • Your domain on the identity (e.g. agent01.yourbrand.com)
  • Monthly or annual billing. .NET 8 runtime bundled and auto-installed by the SDK.
Buy on HexaEight Store See per-core tiers
Recommended for Enterprise
Mode 2 · Marketplace VM

Multi-Identity License

Multi-tenant under your own brand
from $144 / core / month

One Marketplace VM hosts unlimited identities under your own root domain. You control the Bridge endpoint, your brand stays on every identity. MACC-eligible on Azure.

For

Vertical product companies, multi-tenant platforms, regional resellers, and integrators issuing many identities under one root domain.

  • One VM, unlimited cryptographic identities
  • Issue one or more identities under your own root domain (e.g. agent.customer.yourbrand.com)
  • Stop the VM and billing stops. No charge while idle.
  • Monthly or annual billing via cloud Marketplace
  • Azure Marketplace live. AWS and GCP coming.
  • MACC-eligible. Counts against committed Azure spend.
Deploy from a Marketplace See multi-identity pricing
Mode 3 · Signature License

Tamper-Evident Signing

Add to any identity
$99 / identity / month

Sign requests, responses, audit-log entries with a self-contained JWT. Anyone verifies offline, forever, with no fee.

For

Regulated industries, AI accountability workloads, tamper-evident coding context, court-admissible AI records.

  • Add to any identity in Mode 1 or Mode 2
  • Self-contained JWT with embedded verification key
  • Verification is always free, always offline
  • Provable provenance for EU AI Act, DPDPA, HIPAA workloads
  • Defensible in front of regulators, auditors, courts
  • Recipients never pay to verify. Adoption scales without per-call costs.
Buy Signature License See Signature details
Where Mode 1 actually runs

Authenticated Encryption Anywhere and Everywhere.

The founder's tagline is the literal product spec. If Node.js, Python, or .NET ports there, HexaEight identity runs there.

.NET 8 runtime bundled with every SDK and auto-installed on first use. You bundle the language SDK; the crypto core runs underneath.

Server
Laptop / desktop
Raspberry Pi
Edge gateway
SBC / NUC
ESP32 / STM32 (nanoFramework)
Automotive
Drone / airborne
HoloLens / Vision Pro / Magic Leap (via Unity)
Phone / kiosk (QR paired)
Pick by intent, not by price. Mode 1 is for teams that want identity on their own hardware. Mode 2 is for enterprises that want unlimited identities under their own brand. Mode 3 layers tamper-evident signing on top of either. Add it when you need an audit trail that holds up in front of regulators.
A New Economic Model

The end of API keys.

HexaEight identity replaces bearer tokens at every hop. AI providers can sell identity-pinned LLM subscriptions (~$20/mo, pinned to exactly one bridge) instead of forwardable API keys. Unleakable. Unforgeable. Attributable. Provider-neutral.

User · Free
[email protected]
Authenticate via the HexaEight Authenticator app. No license.
Bridge · $72+/core/mo
web0-bliss-cyan-back65
Runs your agent. Owns IAM. Decides which users connect.
LLM Sub · ~$20/mo
web0-bliss-cyan-back65
.user.claude.com / openai.com / ...
Pinned to one bridge. Any AI provider. No API key.
See the full Provider Math (16-core VM → 200 subscriptions → 74% margin)
Open Algorithm

Independently Verified

Six independent AI systems reviewed it. All six found nothing. This is the security layer your AI agents run on.

Kerckhoffs's Principle, 1883
The foundational law of modern cryptography
"A cryptosystem should be secure even if everything about the system, except the key, is public knowledge."

HexaEight follows this law completely. The algorithm, the formula, the key derivation path: all published. The only secret is your password. That's not a limitation. That's the design.

Algorithm V4 Trapdoor formula, published
Key derivation SHAKE-256 × 8 to 17 iterations, documented
Shared keys Demo: provided. Production: platform-distributed secret
Resource names Public identifiers, like email addresses
Password Never published, never shared. Yours alone
V4 Trapdoor · Published Encryption Formula
Encryption
term1 = pkpf² + pkpf·pkpd + tk0_new
term2 = pkpf2² + pkpf2·pkpd2 + tk1_new
C = (pk0 · term1) + term2 + sky_new + P (mod keycounter)
Decryption (Mathematical Inverse)
term1 = pkpd² + pkpd·pkpf + tk0_rem
term2 = pkpd2² + pkpd2·pkpf2 + tk1_rem
P = C − sky_new − (pk0 · term1) − term2 (mod keycounter)
The Security Anchor

pkpf, pkpd = SHAKE-256(password) iterated 8 to 17 times, 256 bytes output.
Without the password, the formula is known but unsolvable.
Breaking this requires breaking SHAKE-256 (NIST FIPS 202).

What We've Published. What We've Kept.
Everything an attacker needs, except the one thing that matters.
You Have
Full algorithm source code: every line, every constant
V4 Trapdoor formula: encryption and decryption inverse
Key derivation path: SHAKE-256, 8 to 17 iterations, documented
Both resource names and shared key sets
Live ciphertext from the reference demo
vs
You Don't Have
The password
Protected by SHAKE-256 key derivation.
17 iterations. 256 bytes. ~1024-bit quantum security.

Find the plaintext. Recover the password. Find a flaw in the construction.

01 Report privately Send your finding before any public disclosure
02 We respond in 7 days Verified or disputed, you'll hear back either way
03 Public credit Confirmed findings are credited by name before we patch
View Source Code
Found a vulnerability? Write to support hexaeight com
Breaking this encryption requires cracking two completely independent passwords, simultaneously, with no connection between them.
There is no shortcut. That's not a limitation of the attacker. That's the design.

Trust in security comes from independent verification. Six AI systems, different companies, different architectures, no shared codebase, each reviewed this algorithm separately and found nothing. These systems had no reason to agree with each other, especially on something none of them had ever encountered before. Honestly, that result humbled us. That's what we built your AI agents' security layer on. We've published the full algorithm: independently verify it anytime.

Bridge SDK Status

Drop into your stack

HexaEight.Bridge is the developer-friendly packaging on a mature cryptographic core. The JWT library has shipped 198.1K downloads over a long release history. The ASK client has shipped 132.7K downloads on the same release cadence. The Bridge SDK carries NuGet's Prefix Reserved verification. Don't take our word for it. Verify on NuGet.

.NET (C#) Prefix Reserved
HexaEight.Bridge · net8/9/10 multi-target · 105 downloads
Verify
Shipping
Node.js
@hexaeight/sdk · 3 transports built in
Verify
Shipping
Python
hexaeight-sdk · AI/ML critical path
Preview
Browser
HexaEightAgentClient · human-in-the-loop auth
Forthcoming
Go
tbd · via CoreCLR hosting
Planned
Rust
tbd · via CoreCLR hosting
Planned
Java
tbd · via CoreCLR hosting
Planned
FAQ

Frequently Asked Questions

Pick a category — general, identity, or encryption.

Mode 1 is one HexaEight identity bound to one machine, self-installed. It serves customers who want identity on their own hardware with full control. Mode 2 is a Marketplace VM that hosts unlimited identities under your own domain, with your own Bridge endpoint. It serves enterprises building their own product with their own identity layer and markup. Different buyers. Not competing tiers.
No. Modes 1 and 2 give you cryptographic identity plus Dead Drop Encryption. The Signature License ($99/identity/month) is an opt-in add-on for use cases that need tamper-evident audit trails: signed requests, signed responses, signed log entries. Verification is always free and offline. Add Signature to any identity in Mode 1 or Mode 2.
Yes. The Bridge wraps an HTTP transport, so any framework that makes outbound HTTP calls works without code changes. Reference integrations for LangChain, Semantic Kernel, Claude Agent SDK, and CrewAI are shipping as part of the ecosystem rollout.
Yes. That is the Mode 2 use case. A partner buys a Marketplace VM at $144/core/month, hosts hundreds of identities on it, and resells each identity at any price, including below our direct $72 rate. We do not undercut our partners. We sell the primitive. Partners make the money on top.
The HexaEight platform runs on Microsoft Azure, which gives us inherited SOC 2 Type II, ISO 27001 / 27017 / 27018, HIPAA BAA, and (in Azure Gov regions) FedRAMP at the infrastructure layer. Additional application-layer attestation details are available to enterprise customers under NDA.
Bedrock and Foundry are AI gateways. HexaEight is the identity layer that sits in front of them. We don't compete with hyperscalers. We provide a cryptographic identity primitive that they (or you) can bundle and resell on top of their own AI services. Enterprise customers get one invoice, you keep the endpoint and the regulatory accountability story.
Signatures are self-contained JWTs with the verification key embedded in the JWT itself. Anyone can verify without contacting HexaEight servers, without an account, without paying any fee, and completely offline. We monetize signing, not verification. The more people verify for free, the more valuable the signature becomes.
Certificates require Certificate Authorities, renewal cycles, revocation infrastructure, and synchronous key exchange. HexaEight eliminates all of this. Encrypt to any identity, even agents that don't exist yet. No CA dependency, no expiry management, no key exchange coordination. Identity is hostname-bound, not certificate-bound.
HexaEight uses a SHAKE256-based trapdoor mechanism. The platform provides destination keys for any identity. You encrypt with your password + destination keys. The recipient decrypts with their own password + their own keys. Different passwords, same plaintext. The platform facilitates key lookup but is mathematically unable to decrypt. Only the password holders can.
No. Three structural differences. First, multi-password per identity: in IBE, an identity like [email protected] maps to exactly one deterministic private key generated by the Private Key Generator (PKG). If Bob wants the identity on his phone and laptop, both must hold the same key — the password cannot vary. HexaEight lets the same identity ([email protected]) run on two phones with two completely different passwords; each device fetches its own rotating ASK from the platform; one ciphertext addressed to that identity decrypts on either device. Structurally impossible in IBE. Second, no key escrow: IBE's PKG generates every private key and can decrypt every message — twenty years of threshold-PKG and certificate-less variants haven't moved the needle. HexaEight's platform issues a fresh ASK every 15 minutes for each sender → destination pair post-registration, then steps out of the data path. Ciphertext never traverses the HexaEight platform. Third, no pairing cryptography: IBE depends on bilinear pairings (BLS12-381, BN-254) that Shor's algorithm breaks; no production-grade post-quantum IBE exists today. HexaEight uses SHA + BigInteger arithmetic with a dynamic per-message keycounter (SHAKE-256 in V3 production mode). Standard, post-quantum-resilient primitives. The summary: IBE binds identity to one key. HexaEight binds identity to many valid key combinations, with the platform as a witness, not a custodian.