Pricing
Start free — 10K attestations a month, no card.
Pro is $99 for 250K. Business is $899 for 2.5M. Overage gets cheaper as you scale. Move the calculator below to find your cheapest plan.
Plans
One clear comparison
Free
$0
10,000 attestations / month
- All 40 vendor trust anchors + 2,093 intermediates
- All built-in TPM-class policies
- Dashboard, live event tail, per-tenant ban list
- Community support
Pro
$99 / month
250,000 included · $1.50 / 1K overage
- Everything in Free
- Customer-authored acceptance policies
- Email support · < 24h response
- Custom domain add-on (coming soon)
Business
$899 / month
2,500,000 included · $0.75 / 1K overage
- Everything in Pro
- Custom domain (auth.acme.com) — coming soon
- Cross-tenant reputation (opt-in)
- Uptime + latency SLA
- Priority email + Slack channel support
Enterprise
Custom
Annual commit · volume pricing
- Everything in Business
- Dedicated trust-anchor refresh cadence
- SOC 2 audit packet (in progress) · 90-day deprecation windows
- Single-tenant deployment available
- Named CSM · on-call escalation path
Calculator
Find your cheapest plan
Slide the inputs to your real numbers. The calculator picks the cheapest tier that covers your volume, shows the bill math, and projects the savings versus paying CAPTCHA solver farms to defeat your own defenses (the industry baseline at $2 / 1K fake signups).
From 100 to 1,000,000 (log scale)
Includes step-up + re-attest cadence (default 1.2)
% of attempted signups that are currently bots / fakes
Effective attestations / month
60,000
50,000 signups × 1.2 att/user
Your monthly Root Herald bill
$99.00
$99 base — 60,000 attestations ≤ 250,000 included
Recommended tier
Most popularPro
Pro covers your volume at the lowest total cost.
Projected savings vs CAPTCHA solver farms
—
At your current abuse rate, solver-farm cost is below the platform fee. The win is structural — once fakes can't bypass, attackers stop trying.
Feature matrix
Every feature, every tier
| Feature | Free | Pro | Business | Enterprise |
|---|---|---|---|---|
| Volume | ||||
| Included attestations / month | 10K | 250K | 2.5M | Custom |
| Overage price (per 1K) | — | $1.50 | $0.75 | Volume |
| Hard quota cutoff | ||||
| Platform | ||||
| All TPM-class trust anchors | ||||
| Built-in acceptance policies | ||||
| Customer-authored policies | ||||
| Cross-tenant reputation | Opt-in (read-only) | Opt-in | Opt-in + contribution credits | |
| Deployment | ||||
| Default (rootherald.io) | ||||
| Custom domain | Coming soon | Coming soon | Coming soon | |
| Customer-proxy transport mode | ||||
| Single-tenant deployment | ||||
| Support & SLA | ||||
| Community / docs | ||||
| Email support | < 24h | Priority | Named CSM | |
| Shared Slack channel | ||||
| Uptime + latency SLA | ||||
| SOC 2 audit packet (in progress) | ||||
| Wire-protocol deprecation window | 90 days | 90 days | 90 days | 90 days |
Comparison
What you'd otherwise pay
Different tools, different failure modes. Here's the honest read: cost, user friction, and what eventually defeats each.
| Approach | Cost | User friction | Defeated by |
|---|---|---|---|
| CAPTCHA solver farms (Turnstile / hCaptcha bypass) | $1–$3 per 1,000 solves to attacker | Visible challenge to real users | Defeated by solver farms within hours |
| Fingerprinting (FingerprintJS Pro) + anti-detect browsers | $200/mo for 100K + $30–60/mo anti-detect license | Silent · but blocks legitimate privacy-conscious users | Defeated by GoLogin, Multilogin, AdsPower, Kameleo + residential proxies |
| KYC (Persona, Sumsub, Onfido) | $0.50 – $3 per check + PII handling cost | Government ID + selfie: kills signup conversion | Doesn't bind to device; valid ID + valid selfie still abusable at scale |
| Root Herald Shield | $0 for 10K · $99 for 250K · $899 for 2.5M | Silent · invisible to users · no PII | Tier 1 defeated cryptographically; Tier 3+ becomes capital-bound (~$30/device + detectable) |
FAQ
Pricing FAQ
What counts as an attestation?
Any completed verification of device evidence through our API counts as one attestation. That includes signup checks, step-up re-attests, and periodic posture re-checks.
Failed-evidence calls (the device returned a malformed PCR quote, the EK chain failed verification, etc.) do not count against your quota. You only pay for completed verdicts.
Do retries count?
Each challenge nonce is single-use, so retrying the same nonce can't be billed twice: a consumed or expired nonce is rejected rather than re-metered. Retries with a fresh nonce (e.g., the user got logged out and re-attested) count separately, which matches reality, since each is a separate attestation event with a separate cryptographic verdict.
What happens when I hit my Free-tier quota?
The Free tier has a hard quota cutoff. Once you hit 10,000 attestations in a calendar month, the API returns HTTP 429 quota_exceeded with Retry-After set to the next billing cycle start. Paid tiers do not cut off; they bill overage at the per-1K rate listed.
You can upgrade in-app at any moment. The change applies immediately; the calendar-month quota resets and overage billing kicks in from that moment forward.
How will the custom-domain add-on work?
Custom domains are on the roadmap, not live yet.The planned flow: you point a CNAME at your tenant's Root Herald edge, for example auth.acme.com → tenant-domains.rootherald.io, we provision a certificate and validate it via DNS, and your SDKs see your domain in their attestation callbacks. The design lives in the transport-modes guide.
When it ships it'll be a $49/month add-on on Pro and part of Business and Enterprise. Until then, every tenant runs on the default rootherald.io edge.
What if I need a self-hosted / on-prem deployment?
Enterprise tier only. We'll ship you a single-tenant container stack, a trust-anchor refresh feed, and a managed sign-key escrow. Pricing is on a per-deployment basis; talk to sales.