Pricing - protected controls, not seats

Pay when KIFF protects a production action.

KIFF Cloud sells protected controls for money-moving agent actions. A protected control is one production action KIFF decides before execution and proves afterward with receipts. Logs say something happened; KIFF proves what was authorized before the money moved.

Start with one finance-agent control: duplicate payment, refund approval, vendor payout, credit issuance, discount override, or another costly action you do not want an agent to execute without clearance.

Sandbox

$0

Evaluate one non-production control.

  • 1 non-production protected control.
  • Observe a guard runtime and draft from real tool facts.
  • Limited receipts and short retention.
  • No production enforcement.
  • No card required. Self-service signup.

Best fit: proving KIFF can see a risky agent action and turn it into a protected control before you let it touch production.

Start sandbox

Launch Pilot

$1,500 / 90 days

One production protected control.

  • 1 production protected control.
  • Founder-led setup for one runtime integration.
  • Duplicate-payment or refund-approval proof pack.
  • 30-day receipt retention during beta.
  • Activation support over email or a shared Slack channel.

Best fit: a team already letting an agent touch payments, refunds, payouts, or credits, and needing proof before a broader rollout.

Pay for Launch Pilot

Hosted checkout. Operator activates the protected control once payment confirms.

Team

$1,500 / mo

Up to 5 production controls.

  • Up to 5 production protected controls.
  • Multiple agents, workflows, and environments.
  • Approval flows with reviewer attribution.
  • 90-day receipt retention during beta.
  • Basic audit export for finance and operations review.

Best fit: a small finance-ops or automation team moving from one guarded action to a repeatable control program.

Pay for Team

Hosted checkout. Operator activates the plan once payment confirms.

Business

$4,000+ / mo

20+ controls and custom packs.

  • 20+ production protected controls.
  • Multiple environments and runtime integrations.
  • Longer receipt retention by agreement.
  • Custom proof packs for nearby finance workflows.
  • Priority support and audit-export assistance.

Best fit: teams standardizing how agents execute economic actions across products, business units, or client accounts.

Request Business

Business is invoice-first while beta entitlements harden.

Launch prices are deliberately simple while beta users prove the category. The unit is the protected control, not token volume, model calls, YAML files, or dashboard seats.

What the beta user should see

The product loop is compact: connect a runtime, observe the risky tool, draft a protected control, activate it, run or replay a proof scenario, and see the receipt immediately.

  • Observe: KIFF sees the live action catalog, such as pay_invoice.
  • Control: KIFF turns that tool into a governed action, such as PAY_INVOICE.
  • Prove: the first payment is allowed, the duplicate is blocked or routed to approval, and the proof is shown in the same flow.
  • Operate: the active control keeps deciding before money moves.

What you are paying for

You are paying for a named third-party control around a costly production action. KIFF decides before execution, records the outcome, and keeps the receipt available for operators, finance, and reviewers.

  • Pre-execution decisions: allowed, approval_required, blocked, invalid.
  • Active controls grouped by runtime, agent, workflow, and action.
  • Immediate receipts for executed proof scenarios, with blocked replay results surfaced beside the receipt.
  • Approvals required and resolved through a documented path.
  • Audit timelines that a non-engineer can read.
  • Receipt retention and exports that scale with the paid tier.

Read RFC 018 for the current MVP contract: Control Proof MVP and protected-control pricing.

What KIFF is not

  • Not a workflow builder. Studio exists to review a protected control, not to compete with generic automation tools.
  • Not observability after the fact. KIFF decides before the action runs; receipts prove what happened afterward.
  • Not a model gateway. We do not proxy LLM calls or sit on the model layer.
  • Not an agent runtime. OpenClaw, Hermes, LangGraph, and other runtimes stay the executor.
  • Not per-seat SaaS. The value scales with protected economic actions and retained proof.

Common questions

What is a protected control?

A protected control is one production action KIFF governs before execution, scoped by tenant, project, environment, agent, workflow, and action. For example: finance/prod/refund-agent/refunds/ISSUE_REFUND.

Why price by protected control?

The risk is not created by a dashboard seat or a model token. It is created when an agent can pay, refund, credit, transfer, or approve something costly. Pricing by protected control keeps the bill tied to the business risk KIFF reduces.

What happens when I cross a plan limit?

For proposal volume limits, the gate returns HTTP 429 with outcome: "limit_exceeded" and reason plan_limit_reached. For protected control limits during beta, activation is operator-mediated so we can keep the first users successful while entitlements harden.

Do receipts cost extra?

Not during the beta pricing model. Receipt volume and retention are bundled into protected-control tiers. Long term, per-receipt metering can become a premium extension once customers prove they want broader evidence coverage.

Do you store card data?

No. Payment goes through hosted Stripe checkout links or manual Stripe invoices. KIFF never holds card data.

Can Business self-serve?

Not yet. Business is invoice-first while beta entitlements, custom proof packs, and retention limits are confirmed with real buyers.