Licensing Models — PUCE v3.0.0

Two ways to use the PUCE Engine

Pick the model that best fits your operation: self-hosted binary under NDA, or REST API as a service.

PUCE Engine is our proprietary intelligent compression + post-quantum encryption engine. For maximum flexibility, we offer two commercial options — both share the same binary core and cryptographic strength.

ENTERPRISE

Option A — PUCE Binary (NDA)

Self-hosted · Builds in your environment · Zero external dependency

Customer receives compiled artifact (.tar.gz) with libpqsl_core + headers + License Guard. All computation happens on your servers. Ideal for banks, defense, government and enterprises with strict data-sovereignty requirements.

Static compiled library (libpqsl_core.a / .so) + C header
CRL-based License Guard with device fingerprint
Unique Ed25519 watermark per customer
Source tree SHA3-256 embedded in binary
Anti-debug + anti-tampering + anti-reversing
24/7 dedicated support + secure channel
Independent audit allowed under NDA
NIST FIPS 203/204 + ETSI compliance

Best for: banks, defense, government, hospitals, critical infrastructure.

Request proposal (Binary + NDA)

SAAS

Option B — PUCE REST API (SaaS)

Cloud-hosted · Pay-per-use · Integrate in minutes

Use authenticated HTTPS calls to our PUCE endpoints. No install, no build, no key management. Usage-based billing. Ideal for startups, MVPs, pilots and apps with variable traffic.

REST endpoints: /puce/compress, /puce/encrypt, /puce/sign
API Key authentication + optional mTLS
Per-tenant rate limiting and quotas
99.9% SLA with multi-region fail-over
Exportable audit logs (SOC 2)
Real-time usage dashboard
Webhooks for critical events
TLS 1.3 + optional post-quantum ciphers

Best for: startups, SaaS, mobile apps, pilots, fast integrations.

Start with REST API

Side-by-side comparison

Feature	PUCE Binary (NDA)	PUCE REST API (SaaS)
Delivery model	.tar.gz (staticlib + header)	HTTPS endpoints
Does data leave your environment?
Requires signed NDA
Initial setup	~1–2 days	~5 minutes
License Guard + device fingerprint		N/A (API key auth)
Customer-side compilation
Updates	Manual (new tarball)	Automatic
Latency	Zero (in-process)	~30–80 ms per call
Billing	Annual fixed + support	Pay-per-call / monthly tier
SHA3 audit + SBOM
Offline / air-gap support
Auto-scaling	Customer-managed

FAQ

Can I migrate from API to Binary later?

Yes. We keep full API parity between both models. Migration means replacing HTTP calls with local FFI calls — payload formats are identical.

Does the Binary need internet access?

Not for normal operation. Only for periodic license renewal (CRL) — with configurable offline grace period. Supports full air-gap under contract.

What are the REST API billing tiers?

Starter (up to 1M calls/month), Pro (up to 50M), Enterprise (custom). Volume-based billing with progressive discounts. Contact us for detailed pricing.

Is the NDA mandatory to get the Binary?

Yes. PUCE is closed proprietary software — the NDA protects IP and defines allowed use. NDA template included in every tarball.

Can I use both models in parallel?

Yes — many customers use REST API in dev/staging and Binary in production. Or Binary in main data centers and REST API at the edge/mobile.

Which model fits your use case?

Talk to the team