Pricing
Four tiers. Every paid tier ships the registry and the audit chain.
A seat is a named operator. A unit of value is an endpoint exported into a shipped SDK, MCP server, or proxy. Every paid tier includes a custom hostname, the two-bucket registry, and ArmoredLedger receipts. Annual prepay is 10% off and already reflected below.
Indie
$49 /mo · $529/yr
One operator. One integration this quarter. Real registry, real audit chain.
- Operators 1
- Endpoints / mo 100
- Private storage 5 GB
- Private bandwidth 50 GB/mo
- Public storage 1 GB
- Public bandwidth 10 GB/mo
- Custom hostname 1 subdomain
- SDKs + Python
- Spec ingest OpenAPI / Postman / Insomnia
- Retention 30 days
- Support Email, 3-day
Team
$299 /mo · $3,229/yr
The first integration plus a teammate. HTTP proxy capture for non-browser surfaces. Where most teams live.
- Operators 5 (+$40 ea)
- Endpoints / mo 1,500
- Private storage 25 GB
- Private bandwidth 250 GB/mo
- Public storage 10 GB
- Public bandwidth 100 GB/mo
- Custom hostname 1 subdomain + 1 CNAME
- SDKs + Go (beta)
- HTTP proxy capture ✓ (CLI / CI / native)
- Replay proxy 1
- Retention 90 days
- Support Slack Connect, 1-day
Business
$1,499 /mo · $16,189/yr
Platform teams. Compliance Evidence Packs. WebSocket + GraphQL. Named CSM.
- Operators 25 (+$30 ea)
- Endpoints / mo 10,000
- Private storage 100 GB
- Private bandwidth 1 TB/mo
- Public storage 50 GB
- Public bandwidth 500 GB/mo
- Custom hostname subdomain + unlimited CNAMEs
- SDKs All + private gen
- WebSocket + GraphQL ✓
- Compliance Evidence Pack ✓ (SOC 2 / HIPAA / PCI)
- Custom landlock/seccomp ✓
- ODE viewer ✓
- Retention 1 year
- Support 4-hr, named CSM
Enterprise
Custom · $60K/yr floor
On-prem Voltainer. SOC2/HIPAA retention. Multi-region. Dedicated tenant stack. Managed oncall available.
- Operators Custom
- Endpoints / mo Custom
- Storage / bandwidth Negotiated
- Custom hostnames Unlimited, multi-region
- Retention 7+ years (contractual SLA)
- SDKs All + custom
- Dedicated tenant stack ✓
- RBAC + SSO (SAML/OIDC) ✓ custom roles
- Managed oncall optional add-on
- Support 24/7 SLA, dedicated SE
Capability ladder
| Capability |
Indie |
Team |
Business |
Enterprise |
| OpenAPI 3.1 emit | ✓ | ✓ | ✓ | ✓ |
| TypeScript SDK | ✓ | ✓ | ✓ | ✓ |
| Python SDK | ✓ | ✓ | ✓ | ✓ |
| MCP server emit | ✓ | ✓ | ✓ | ✓ |
| Spec ingest (OpenAPI / Postman / Insomnia) | ✓ | ✓ | ✓ | ✓ |
| Two-bucket registry (private + public) | ✓ | ✓ | ✓ | ✓ |
| Custom hostname (sub + CNAME) | sub | sub + 1 | sub + ∞ | multi-region |
| ArmoredLedger receipts | ✓ | ✓ | ✓ | ✓ |
| HTTP proxy capture (non-browser) | — | ✓ | ✓ | ✓ |
| Go SDK | — | beta | ✓ | ✓ |
| Replay proxy | — | 1 | unlimited | ✓ |
| WebSocket + GraphQL capture | — | — | ✓ | ✓ |
| Compliance Evidence Pack (SOC 2 / HIPAA) | — | — | ✓ | ✓ |
| Custom landlock + seccomp authoring | — | — | ✓ | ✓ |
| ODE viewer (human takeover) | — | — | ✓ | ✓ |
| RBAC + SSO (SAML / OIDC) | — | — | baseline | custom roles |
| Voltainer/nspawn on-prem image | — | — | — | ✓ |
| 7-yr retention SLA | — | — | — | ✓ |
| Dedicated tenant stack | — | — | — | ✓ |
| Managed Tracebind oncall | — | — | — | add-on |
Separately licensed add-ons
A handful of categories ship as separately-licensed SKUs rather than inside a tier. Distinct buyers, distinct legal posture, distinct attach rate.
- in-toto / SLSA / Sigstore attestation toolkit — supply-chain attestations on Tracebind output. Ships against AL's existing receipt shape.
- HSM-backed signing — CloudHSM / YubiHSM / Thales / Nitro Enclaves. Per-vendor contract.
- API Gateway Connectors — Kong, AWS API Gateway, Apigee, Azure APIM. Ingest gateway logs as a capture source.
- gRPC Toolkit — Protocol-aware capture and emission for gRPC services. Separate product P&L.
- Federation rider — Signed inter-org bundle distribution. Customer A publishes a Tracebind bundle, Customer B verifies and consumes under contract.
Overage and caps
- Storage overage: $0.05 / GB-month above tier quota.
- Bandwidth overage: $0.02 / GB above tier quota.
- Default hard cap: 5× tier bandwidth, customer-configurable down or up to 10×. Public bucket cap is non-disable-able so a viral artifact never nukes your own pipeline. Enterprise can opt out contractually.
- Cap behavior: public bucket hitting cap returns HTTP 503 with Retry-After. Your private operations continue.
Discounting
- Annual prepay: 10% off all paid tiers (already in /yr column).
- Multi-year: +10% (2-yr), +15% (3-yr) on Business and Enterprise.
- Design partners: first 10 logos get Business free for 12 months in exchange for case study, recorded testimonial, and quarterly product review. Hard cap.
- Accredited education + 501(c)(3) nonprofits: Team tier free with attribution. Contact sales with verification.
- MSP / OEM resale: 30% margin on Business, 40% on Enterprise reseller pricing, $30K/yr partner minimum.
- Startup program: Team at 50% off for 12 months for <$5M ARR and <2 years old.
Enterprise — worked example
Acme Corp: 50 internal apps × 30 endpoints (1,500 stable endpoints), 3,500 endpoint-exports per month, 40 operator seats, 7-yr SOC2 retention, on-prem Voltainer, 1-hr SLA.
| Line item | Annual |
|---|
| Business base (floor) | $16,189 |
| Extra operators (15 × $300) | $4,500 |
| Source apps (45 × $1,200) | $54,000 |
| Endpoints/mo (≤10K, included) | $0 |
| 7-yr SOC2/HIPAA retention | $20,000 |
| On-prem dedicated tenant stack | $25,000 |
| 1-hr SLA upgrade | $15,000 |
| Subtotal | $134,689 |
| 3-yr commitment discount (−15%) | −$20,203 |
| Quoted annual (3-yr term) | ~$114,000 |
Year-1 also includes a one-time $35K onboarding SOW. Quote range presented to buyers: $110K–$140K/yr, anchored on $125K.