# Pricing — Whisper for Content Authenticity · flat, per-signer identity, predictable

> A trust list you pay to join, and a cert you rent per signer, is provenance priced backwards.
> Whisper is flat, per-signer-identity, per year — not per asset signed, per verification, or per seat.
> Keyless verify is free forever; attribution and "who verified my content" are never metered.
> No CA to pay, no Trust-List slot to buy — and any signer is verifiable in open DNS.

Making a signer publicly recognized today means a ~$289/yr commercial C2PA certificate,
renewed per signer, behind a list a small coalition curates — and an off-list signer displays
*"unknown source"* no matter how honest it is. There is *no Let's Encrypt for provenance*.
That's a toll and a gate on *who may be trusted* — exactly the wrong shape when synthetic
content is already the majority and most of it is unsigned. **We price the other way.**

`whisper verify --trustless` costs nothing and needs no account — our own API is not in the trust path.

- **$0** — Keyless verify any signer, free forever, no account, our API never in the trust path
- **~$289/yr** — the commercial C2PA cert's per-signer toll — the "no Let's Encrypt for provenance" tax we remove
- **1×** — One flat per-signer-identity/year figure — not per-asset-signed, per-verification or per-seat
- **0** — meters on attribution and on "who verified my content" — never ration a verification hunt
- **1** — revoke replaces a fleet-wide C2PA cert reset — per-unit, at DNS-TTL
- **€15M / 3%** — EU AI Act Art.50 exposure from 2 Aug 2026 — a figure you forecast against, not a meter that spikes

---

## The pricing principle

**A per-cert toll that climbs with every signer you onboard — and resets when a CA fails —
isn't a price. It's a tax on being trusted.** Two curves. One rises with every stringer, desk,
camera and agent you need to make publicly verifiable — a fresh ~$289/yr certificate each, and
a whole re-cert when a CA is compromised. The other is a flat line you set once, forecast for
years, and that turns any signer public in your own DNS with no list to join.

```
annual cost
  ▲
  │                          Trust-List gate ┊        ╱ per-cert C2PA CA
  │                    off-list = "unknown"  ┊   ╱╱      (~$289/yr each · gate-kept)
  │                        source            ┊╱╱      ◀── CA incident: re-cert the whole fleet
  │                                       ╱╱╱          (one revoked root → all signers)
  │                             ╱╱╱╱
  │                   ╱╱╱╱
  ├───────────────────────────────────────────── Whisper · flat per-signer-identity / year
  │        (set once · no CA, no list · verify & who-verified never metered)
  └──────────────────────────────────────────────▶ signers to make verifiable · stringers · desks · cameras · agents
       the gap between the lines is the per-cert toll a flat price never charges
```

- **Per-signer identity, not per asset** — priced to the thing you govern, the *signer* (a desk, a stringer, a camera model, an agent), so signing a million assets or a viral verification spike never moves the invoice. Onboard a new signer and it's one flat line, not another ~$289/yr cert.
- **Verify & who-verified are never metered** — keyless `whisper verify --trustless` is free forever (our API isn't in the trust path), and the graph and `op:lookups` run unmetered on the keyed tiers. No per-verification tax means you never ration a hunt while an impostor cert circulates.
- **No CA fee, no list to join** — a flat per-signer-identity line replaces the commercial C2PA cert *and* the pay-to-play list. Publish the signer's EE cert under your own DNSSEC/DANE record and it's self-verifying — no gatekeeper, no phone-home, no "unknown source" penalty on an honest off-list signer.

---

## Three tiers · one primitive

Start keyless and free. Prove it on a handful of signers. Roll it across the publisher — flat
the whole way. POC → pilot → enterprise, exactly the path a provenance program buys on. Every
tier speaks the same *address-is-the-signer* primitive; you only widen how many signers it
covers, never re-platform — and the manifest stays C2PA's the whole time.

### POC — free to verify · **$0**

Keyless forever, plus a handful of signer identities to prove the flow. The keyless half of the
platform — trustless, anchored at the IANA root, our API never in the path:

- `whisper verify --trustless` any signer — no key, no CA
- Resolve and reverse-resolve a signer /128, read its RDAP
- Provision a handful of signer identities — DANE-anchored, from the C2PA signer cert serial they carry

### Pilot — a desk or a product line · flat engagement

A newsroom desk or one product line's signing fleet, time-boxed, one flat price. Everything in
POC, keyed to a defined signer count so a program owner can prove value before the board:

- Full attribution graph — unmetered during the pilot
- "Who verified my content" analytics (`op:lookups`) — the empty quadrant, as a stream
- Machine-readable feed into your SIEM: Splunk & Microsoft Sentinel today (STIX 2.1 / TAXII on the roadmap)
- Merkle transparency-log evidence · EU AI Act Art.50 audit export

### Enterprise — flat per-signer / year · signer quote

One rate, quoted to your signer count. It doesn't move. The whole publisher or the whole device
fleet — every signer, on your own terms:

- Identity, attribution graph, who-verified analytics and egress governance, fleet-wide
- Per-unit `op:revoke` — kill one compromised signer worldwide at DNS-TTL, never a fleet-wide reset
- On-prem or your own tenant — GDPR, data residency and source-protecting pseudonymity by construction
- Enterprise support and SLA

**Why a quote, not a sticker.** A signer price is one number, but the right number depends on how
many signers you publish, on-prem vs your own tenant, and the standards evidence you need — so we
quote it flat and in writing, and it holds for the term. No per-cert renewals, no usage true-ups,
no surprise line at renewal. Get a signer quote → <https://console.whisper.security/sign-up>

### What you're actually buying — free to try, unmetered to run

```console
# keyless — verify any signer, free forever, our API not in the trust path
$ whisper verify --trustless newsroom.example.press
  ✓ DNSSEC chain valid to the IANA root
  ✓ DANE-EE (TLSA) matches the C2PA signer EE cert · serial 03:a8:f1:9c:…
  ✓ RDAP: registered under AS219419 · 2a04:2a01::/32
  signer: VERIFIED — no central Trust List, no CA fee

# provision a signer from the C2PA signer cert serial it already carries (device_id)
# — a first-class --signer arg is on the roadmap; the serial is the socket today
$ curl -s https://graph.whisper.security/api/query -H "X-API-Key: whisper_live_xxx" --data-urlencode "q=CALL whisper.agents({op:'connect', args:{tier:'wireguard',
       identity_public_key:'<base64 SPKI of the signer key>',
       device_id:'03A8F19C4E7B2D01'}})"   # device_id = the signer cert serial
  → signer 2a04:2a01:5e0::c2   DNSSEC + DANE-EE live · in the transparency log

# "who verified my content" — the write-only quadrant, now a stream (unmetered)
$ whisper lookups 2a04:2a01:5e0::c2
  1,284 verifications · 37 countries · 6 platforms — last 24h
  ⚠ 3 lookups resolved a signer serial you never issued → possible impostor cert
```

---

## What each tier includes

The keyless verification a reader, a fact-checker, a platform or a regulator needs to resolve a
signer's identity is free at every tier — on principle. The keyed tiers widen coverage and feed
your stack; they never gate the public check. And we never create the C2PA manifest or embed a
watermark — we anchor the signer those manifests already reference.

| Capability | POC | Pilot | Enterprise |
|---|---|---|---|
| Trustless verify / resolve / RDAP (`whisper verify --trustless`) | ✓ | ✓ | ✓ |
| Trace a signer /128 to the identity behind it (reverse-DNS + RDAP) | ✓ | ✓ | ✓ |
| Signer /128 identities + DANE-anchored signer certs (from the C2PA cert serial) | a handful | desk / line | fleet-wide |
| Full attribution graph (`identify`, `origins`, `walk`, `history`, Cypher) | — | unmetered | unlimited |
| "Who verified my content" analytics (`op:lookups`) | — | ✓ | ✓ |
| Egress governance for signing agents (`policy`, `firewall`, `budget`, `op:logs`) | — | desk / line | fleet-wide |
| Per-unit revocation at DNS-TTL (`op:revoke`) | your signers | desk / line | fleet-wide |
| Merkle transparency log — issuance & revocation audit trail | public read | ✓ | ✓ |
| SIEM feed: Splunk & Microsoft Sentinel connectors today (STIX 2.1 / TAXII roadmap) | — | ✓ | ✓ |
| EU AI Act Art.50 / ISO 22144 (draft) evidence export (JSON export on roadmap) | — | ✓ | ✓ |
| On-prem / own tenant (data residency, GDPR, pseudonymity) | — | — | ✓ |
| Enterprise support & SLA | — | pilot support | ✓ |
| Per-signer commercial-CA fee (~$289/yr each) | never | never | never |
| Metered by usage (per asset signed / per verification / per seat) | never | never | never |

**One honest note on standards.** DNSSEC/DANE anchoring is a *legitimate complementary*
signer-identity ecosystem — C2PA trust anchors are pluggable config inputs to a validator, and a
DANE anchor is surfaced through a CAWG identity assertion — but it is **not (yet) a formally
recognized C2PA conformance trust anchor**. We're pursuing that formal-recognition track through
CAWG and the standard; we don't price it as done. What ships today makes any signer publicly
verifiable and revocable in open DNS — additive to C2PA, never instead of it.

---

## Where the flat number pays for itself

The ROI isn't a promise — it's costs the flat line takes off your books, and one it puts back
on. A predictable figure is only half the case; the other half is what it removes — a per-signer
CA toll, a fleet-wide cert reset, audit effort, re-platform risk — and the one new line it can
*add*: "who verified my content," a stream no incumbent can sell.

- **No ~$289/yr CA fee, no gatekeeping.** Every stringer, desk, camera model and agent becomes a publicly-verifiable signer via your own DNSSEC/DANE — no per-cert commercial-CA fee, no Trust-List slot to buy, no "unknown source" penalty on an honest off-list signer. The "no Let's Encrypt for provenance" gap, closed at a flat line.
- **One revoke, not a fleet-wide cert reset.** A compromised signer key is `revoke`d worldwide at DNS-TTL in one call — per unit. When a camera vendor's authenticity service was suspended and its *entire* set of device certs had to be revoked in 2025, that was a fleet-wide reset; per-unit revocation bounds the blast radius to one leaf key, never a shared root — the shared-CA failure mode is structurally removed.
- **"Who verified my content" — a new line, not a cost.** C2PA verification needs no network call, so a signer normally has *zero* visibility into who checked their content. Anchor the signer in DNS and `op:lookups` turns that empty write-only quadrant into a stream — an impersonation early-warning and a sellable B2B analytics product no incumbent can offer.
- **Attribution & verify are never metered.** Run `identify`, `walk`, `history` and Cypher — and keyless verify — as hard as an incident demands. No per-verification tax means a fact-checker triaging a viral deepfake, or a platform verifying at ingestion, never rations the check while an impostor cert keeps working.
- **Audit effort you don't repeat.** Every mint and every revoke lands in a public, append-only RFC 6962 Merkle transparency log, Ed25519-signed and Bitcoin-anchored via OpenTimestamps — a non-repudiable issuance trail that *evidences* the "cryptographic methods for proving provenance" EU AI Act Recital 133 enumerates. A byproduct of the tool, not a consulting line. *Honest status:* tamper-evident today, independent witnessing is the next step.
- **A vendor that will still be here.** Real routable address space (AS219419), run by people who ran the internet's regional address registry and operated one of its root DNS servers. Your signer identities are DNSSEC/DANE objects anyone can verify independently — longevity is the cheapest line in any TCO.

---

## A pricing model can be a trap. Ours isn't.

If verification is metered, an adversary can run up your bill and a defender rations their own
check. If trust is gate-kept, honest signers pay a toll to be believed. We priced both failure
modes out — and we're candid about the standards line we haven't crossed yet.

> **"If verification is metered, does my bill spike when my content goes viral — or when someone floods checks to run it up?"**
> Neither. Keyless `verify` is free forever and *our own API is not in the trust path*, so there's
> no per-verification line for a viral moment to inflate or an adversary to weaponize. Attribution
> and `op:lookups` are unmetered on the keyed tiers. The only variable on your invoice is how many
> signers you publish.

> **"Is this just a second CA fee stacked on top of the C2PA cert I already buy?"**
> No — it replaces the toll, not adds one. There's no per-cert ~$289/yr commercial-CA fee and no
> Trust-List slot to buy. You derive the signer identity from the key the signer *already* holds
> and publish its EE cert under your own DNSSEC/DANE — self-verifying, no gatekeeper. It makes an
> off-list signer publicly verifiable; it doesn't make you buy a second certificate to do it.

> **"Are you charging me for something you're claiming is 'C2PA-approved'? Because I'll check."**
> We're not — and here's the honest line. DNSSEC/DANE anchoring is a *legitimate complementary*
> identity ecosystem (C2PA trust anchors are pluggable validator inputs, surfaced through a CAWG
> identity assertion), but it is **not yet a formally recognized C2PA conformance trust anchor.**
> We're pursuing that recognition through CAWG and the standard, and we price only what ships: a
> publicly-verifiable, revocable signer identity in open DNS — additive to your C2PA manifest,
> never a replacement for it.

---

## The questions procurement always asks

- **What exactly is metered?** Nothing by usage. A flat rate per signer identity, per year — no per-asset-signed charge, no per-verification fee, no per-seat licence, no per-cert commercial-CA fee, no data-egress bill. The only variable is how many signers the program covers.
- **Can I try it without procurement?** Yes — keyless verify is free and needs no account. Run `whisper verify --trustless` against any signer today; a POC lets you provision a handful of signer identities from the C2PA cert serial they carry, no commitment.
- **What happens as I onboard more signers?** The per-signer rate holds; the total scales linearly and predictably with signer count, quoted in writing for the term. No per-cert ~$289/yr tax, no renewal surprise, and an off-list signer never costs extra to make public.
- **Is this on top of my C2PA cost?** It's *additive* to C2PA / Content Credentials — it anchors the *same* signer the manifest already references. We don't create the manifest or embed a watermark; we make the signer publicly verifiable and revocable. The Splunk connector feeds your existing SIEM, not a second console.
- **On-prem or hosted?** Either. The Enterprise tier runs on-prem or in your own tenant, so the graph and per-signer logs stay where your regulator needs them. Org- or domain-level anchoring with pseudonymity protects journalists and whistleblowers — GDPR and data residency by construction, at no metered premium.
- **What if I stop?** Your signer identities are DNSSEC/DANE objects you can verify independently, transparency-log proofs stay valid, and evidence exports are open formats (CEF, ECS; STIX and per-sector JSON on the roadmap). No proprietary lock on your own attestations or compliance record.

---

## How it sits next to what you already buy

**Flat depth on top of Content Credentials — it doesn't replace the manifest, it makes the signer
public.** You already emit C2PA manifests and, maybe, pay a commercial CA to be a recognized
signer — keep the manifest; it carries the edit history and the AI-generated assertion your Art.50
mark needs. Where a per-cert CA taxes each signer and gate-keeps who may be trusted, and a
hypothetical per-verification cloud makes the bill unforecastable, a flat per-signer-identity line
adds the two things no one else owns — a publicly-verifiable, revocable signer in open DNS and
"who verified my content" analytics — without a meter, a gatekeeper, or a second silo.

| Trust / pricing model | Forecastable & flat? | Publicly verifiable off-list, no CA fee? |
|---|---|---|
| Per-cert commercial C2PA CA (~$289/yr, gate-kept list) | partly — scales per signer | no — needs the list |
| Self-signed / off-list cert | $0 | no — shows "unknown source" |
| Whisper — flat per-signer-identity / year (DNSSEC/DANE) | yes | yes |

It makes the Content Credentials, watermarking and verification tooling you already run sharper,
as a machine-readable feed — not a thing they compete with. [See the full comparison →](/compare)

---

## One flat number. Every signer, publicly verifiable.

Keyless verify is free forever — start there, no account. When you're ready, a signer quote is one
flat per-signer-identity/year figure you can forecast and defend: no CA fee, no Trust-List slot, no
meter, no surprise at renewal.

Get a signer quote → <https://console.whisper.security/sign-up> · [For newsrooms →](/for-newsrooms)

Or run `whisper verify --trustless` right now — it costs nothing.

---

*Whisper for Content Authenticity · Identity on the wire for content provenance · AS219419 · 2a04:2a01::/32*
*© viaGraph B.V. (dba Whisper Security)*
