A running log of every shipped feature, improvement, and security update across the HiveIQ stack — from the routing engine to the agent marketplace to the Vitreus integration.
v0.5.0LatestApril 2026
NewAgent Marketplace with Competitive Bidding
Providers now compete for compute tasks via a reputation-weighted bidding engine. Scores factor cost (20%), latency (30%), and on-chain reputation (50%). Winners are selected in <200ms. Provider reputation syncs to Vitreus pallet_reputation.
Each marketplace task collects parallel bids from all capable providers (capability filter applied first), scores them through a weighted formula, and persists the winning bid plus all losing bids to the marketplace ledger so the dashboard can replay decisions. Successful task completion writes a positive reputation outcome on-chain via the Vitreus pallet_reputation precompile; failures decay the score. Bid collection is timeout-bounded at 200ms so a slow provider can't drag down the auction.
NewSLM Model Registry
Curated catalog of 8 language models with benchmark scores (MMLU, HumanEval, MT-Bench), cost profiles, and capability tags. Workload-aware model selection via GET /models/recommend.
The registry tags every model with structured capability metadata — reasoning, code, math, multilingual, vision, function-calling — alongside per-1K-token pricing and latency profiles. The recommendation endpoint takes a free-text workload description and returns the top 3 models ranked by capability match × cost-efficiency, optionally filtered by max-cost or required-capability constraints.
NewNAC-Backed Provider Identity
Provider registration now maps to Non-Fungible Access Certificates on the Vitreus chain via pallet_nac_managing. NAC Level 4 grants a +10% reputation multiplier in marketplace bidding.
When a provider registers, HiveIQ verifies their NAC level on-chain and stores the level alongside the provider record. Higher NAC levels (1–4) unlock progressively richer capabilities: Level 1 enables basic task execution, Level 2 unlocks high-priority routing, Level 3 enables TEE workloads, and Level 4 grants the +10% reputation bonus that compounds in marketplace bid scoring.
NewMulti-Agent Sessions with SSE Streaming
Complex tasks decomposed by Claude into 2–4 specialist sub-tasks, executed in parallel where independent. Live progress streams via Server-Sent Events. Final synthesis pass produces a unified response.
The decomposer parses the task into a directed acyclic graph of subtasks with explicit dependencies. The orchestrator walks the DAG topologically, dispatching independent steps in parallel batches and serializing dependent ones. Each step emits SSE events (step.start, step.delta, step.complete) so the dashboard renders live. A final synthesis call merges all step outputs into one cohesive response.
NewGoogle A2A Protocol Support
HiveIQ is now Agent2Agent (A2A) compatible. Agent discovery at /.well-known/agent.json. Submit tasks and create sessions via the standard A2A envelope format.
The discovery document advertises HiveIQ's capabilities, supported methods, auth requirements, and rate limits in the A2A standard schema. Inbound A2A envelopes are translated into native HiveIQ task and session requests, executed through the same routing engine, and returned in A2A response format. This makes HiveIQ a drop-in compute layer for any A2A-compliant agent framework — including Google Agentspace and the broader A2A ecosystem.
ImprovedPostgreSQL Migration
Migrated from SQLite to PostgreSQL 16 with asyncpg connection pooling. Native types throughout: UUID, TIMESTAMPTZ, JSONB, NUMERIC(18,8).
A backend dispatcher (app.db_backend) selects between SQLite and Postgres at startup from DATABASE_URL — SQLite is preserved as a zero-config local-dev fallback, while production runs on Postgres 16 with asyncpg pooling. Schema is idempotent: CREATE TABLE IF NOT EXISTS + ALTER TABLE ADD COLUMN IF NOT EXISTS for every column, so deploys never need a separate migration step.
ImprovedRedis Caching Layer
API key lookups, analytics aggregates, and rate limit counters now backed by Redis. Rate limit state persists across restarts. Revoked keys invalidate within milliseconds.
Hot-path lookups (API key → user resolution, analytics rollups, per-user rate counters) hit Redis with a 5-minute TTL, eliminating repeated database round-trips on every authenticated request. Key revocation deletes the cached entry directly so a revoked key stops authenticating within milliseconds instead of waiting for the TTL to expire. Rate limit counters live in Redis, so they survive process restarts and deploys.
SecurityJWT Blacklisting + Auth Hardening
True stateless logout via Redis jti blacklist. Password changes invalidate all active sessions. Timing-safe login (100ms artificial delay on failure). IP tracking on API key usage.
Every JWT carries a jti (JWT ID); logout adds the jti to a Redis blacklist with TTL matching the token's remaining lifetime. The auth middleware checks the blacklist on every request. Password changes bump a per-user password_changed_at timestamp — any token issued before that timestamp is rejected, instantly invalidating every session for the user. Failed login attempts incur a 100ms artificial delay to flatten timing-based user enumeration. API key usage records the source IP for audit.
NewStructured JSON Logging + Request Audit Trail
Every request logged with request_id, user_id, endpoint, provider, cost_usd, latency_ms. Sentry integration for error monitoring. No PII in logs.
A logging middleware tags every request with a UUID request_id that propagates through the entire call chain — application logs, the request audit table, and outbound provider calls all share the same id, making cross-system tracing trivial. Email addresses are SHA-256 hashed before being logged. Sentry ingests unhandled exceptions with the request_id attached so reproducing a production incident is a one-click jump from Sentry to the matching access-log row.
v0.4.0March 2026
NewSubstrate/Rust Settlement Pallet
Native Vitreus settlement pallet written in Rust using the Substrate FRAME framework. 13 tests passing. Handles compute job registration, provider payment settlement, and dispute resolution on-chain. Submitted as PR to github.com/Vitreus-Foundation/power-plant.
The pallet exposes three core extrinsics: register_job (provider commits to a compute task with an escrowed VTRS bond), settle_job (HiveIQ orchestrator confirms successful completion and triggers payment release), and dispute_job (either party can challenge a settlement within the dispute window, freezing the bond pending resolution). All state transitions emit events for off-chain indexers, and the full state machine is covered by 13 unit tests in the Substrate test runtime.
NewPython SDK
Official HiveIQ Python SDK with support for synchronous completion, streaming, marketplace routing, and multi-agent session management.
A clean, typed Python client that mirrors the REST API one-to-one: client.tasks.create() for one-shot completions, client.tasks.stream() for SSE token streaming, client.marketplace.bid() to opt into competitive bidding, and client.sessions.create() for multi-agent decomposition flows. Auth is a single API key passed at construction; rate-limit-aware retries and request_id propagation are built in.
NewWebhook Support
Register HTTPS endpoints to receive real-time delivery notifications for task.complete and session.complete events. HMAC-SHA256 signed payloads. 3-attempt exponential backoff. Delivery history in /account.
Each webhook is registered with a URL, an event subscription list, and a secret. Outbound deliveries carry an X-HiveIQ-Signature header — an HMAC-SHA256 of the raw body using the per-webhook secret — so receivers can verify authenticity in constant time. Failed deliveries retry up to 3 times with exponential backoff (1s, 4s, 16s) and the full delivery history (status, response code, latency, body excerpt) is rendered in the account dashboard for debugging.
ImprovedBilling & Payments
Dedicated billing page at /billing. USDC deposit flow with VTRS equivalent preview (1:50 rate). Full transaction ledger with CSV export. Low-balance email alerts with configurable threshold.
The billing page surfaces current USDC balance, this-month spend, projected monthly cost, and savings versus a GPT-4o baseline. The deposit modal previews the VTRS credit live as the amount changes (1 USDC = 50 VTRS) and confetti-celebrates a successful top-up. Users can opt into a low-balance email alert with a custom threshold; the alert fires once on the threshold-crossing edge to avoid notification spam.
NewDeveloper Documentation
Full API reference at /docs covering all endpoints, authentication methods, SDK usage, rate limits, and error reference.
Every endpoint documented with request/response schema, copy-paste curl + Python + JavaScript examples, and a live "Try it" button that hits the real API with the visitor's API key. Error codes are catalogued with remediation guidance, and the rate-limit reference shows tier-by-tier quotas alongside the response headers (X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset) clients should respect.
NewSystem Status Page
Public status page at /status-page with per-provider 168-bar uptime grids, response time sparklines, and component health grid.
A Statuspage-style public health view rendering 7 days × 24 hourly buckets per provider — 168 bars total — colored green/amber/red by the success rate within each bucket. Hover any bar for the bucket's exact pass/fail counts and average latency. The component health grid shows the live status of every internal subsystem (router, cache, database, payments, marketplace, A2A bridge) so users can self-diagnose before opening a ticket.
v0.3.0March 2026
Newx402 Payment Hooks
Payment processing hooks integrated for USDC settlement via Vitreus blockchain.
The x402 payment protocol issues a per-task payment request specifying the recipient wallet, amount, and a 15-minute expiry. Once the user submits the on-chain transaction, the verification step matches the tx hash against the pending payment row, credits the user's USDC ledger, and writes a signed receipt to the payments_ledger table for full auditability.
NewCOMPLiQ Compliance Hooks
Data residency enforcement at the routing layer. EU-only, US-only, and TEE-only routing constraints supported.
Every task can specify a data_residency policy: eu-only, us-only, tee-only, or any. The routing engine filters provider candidates by their declared region/TEE attestation before scoring, and writes a compliance log row for every routing decision so auditors can prove no data ever crossed a forbidden boundary.
NewMulti-Agent Decomposition
Task decomposition with topological execution — parallel subtasks where independent, sequential where dependent.
The decomposition planner breaks a complex prompt into a DAG of subtasks with explicit dependency edges. The executor walks the DAG in topological order, batching independent nodes for parallel execution and serializing only what truly depends on prior output. Results are stitched back via a synthesis step.
v0.2.0March 2026
NewAccount System + JWT Auth
User registration, login, JWT tokens, API key management. Tiered rate limiting via Redis.
Full account lifecycle: register → email verification → login → JWT issuance → API key creation → revocation. API keys are stored as bcrypt hashes with only the prefix kept in plaintext for display. Rate limits are tiered by account type (anonymous, free, pro) and enforced via Redis-backed token buckets keyed on user_id.
NewProvider Health Monitoring
Real-time health checks across all 6 providers. 24h uptime history, latency sparklines, automatic failover on provider degradation.
A background worker pings every provider every 60 seconds with a tiny synthetic prompt, recording success/failure and round-trip latency into rolling 24h buckets. The routing engine reads the latest health snapshot before every scoring pass and downranks (or excludes) any provider with a recent failure streak. The public status page renders the bucket history as a Statuspage-style 168-bar uptime grid per provider.
v0.1.0February 2026
NewInitial Release
6 AI providers (OpenAI, Anthropic, RunPod, Replicate, io.net, Phala), smart routing engine, real-time streaming via SSE, SQLite persistence, analytics.
The first public build of HiveIQ. Core capabilities at launch: a unified POST /tasks endpoint that accepts a chat-style messages payload and routes it to one of six providers based on cost, latency, and capability constraints; an SSE streaming endpoint at POST /tasks/stream for live token delivery; per-task and per-day analytics aggregated into a dashboard; and SQLite persistence for tasks, users, and per-day usage rollups.