Standards

Built alongside C2PA, not against it.

C2PA (Content Credentials) proves what tool created a piece of media. AIAuth proves that a human reviewed it. The two are complementary layers of the same provenance stack — and an AIAuth receipt can carry C2PA manifest data directly.

The provenance stack

Every piece of AI-assisted output leaves two kinds of evidence worth preserving:

Layer | Question it answers | Standard
Tool provenance | What tool created this file? | C2PA / Content Credentials
Human attestation | Did a person review it before I got it? | AIAuth

C2PA is strong on images, video, and audio — formats where a manifest can be embedded into the file itself. It says less about text, spreadsheets, documents, and knowledge-work artifacts where the "tool that made it" is often a chain of prompts rather than a single generator. AIAuth fills that last mile.

How AIAuth interoperates with C2PA today

  1. Read path. When a client attests a file that carries a C2PA manifest, it surfaces the manifest identity in the receipt under ai_markers.c2pa (public signing keys · receipt spec §3.2.1). The attester's verifier can then walk both chains: the C2PA manifest back to the generating tool, and the AIAuth receipt forward to the human who signed off.
  2. Signal consolidation. AIAuth already aggregates AI-authorship signals from multiple sources in a single receipt — Office docProps, PDF XMP metadata, ChatGPT export markers, and (when present) C2PA manifests. A verifier reads one receipt instead of four out-of-band metadata stores.
  3. Offline verification. Receipts verify against an Ed25519 public key published at /.well-known/aiauth-public-key. No AIAuth server is required to check a receipt, which matches the "verify anywhere" ethos of the C2PA Trust Framework.

Roadmap: a C2PA assertion type for human review

The C2PA spec permits custom assertion types under a URI namespace. We intend to publish one:

Assertion label: "aiauth.app/human-review/v1"
Fields:
  reviewer_identity_hash  - HMAC(reviewer email)
  tta_seconds             - seconds between content arrival and attestation
  review_confirmed        - bool
  receipt_id              - parent AIAuth receipt id
  chain_parent            - prior receipt in the doc_id chain

With the assertion type in place, an AIAuth receipt can be embedded directly inside a Content Credentials manifest — a single artifact that carries tool provenance and human attestation together. Target: Q4 2026, contingent on the C2PA Conformance Program timeline.

More than you'd expect from a three-line JSON receipt

A few capabilities that are live today and rarely surface in category comparisons:

  • Cross-format chain integrity. A canonical text hash (content_hash_canonical) is computed by the client from the extractable text of xlsx / pdf / docx / csv sources. When the file is exported to a different format, the canonical hash still matches — the receipt survives format conversion. Useful when a reviewer attests a draft in Word and the final deliverable ships as PDF.
  • Automatic chain formation. Receipts with a matching doc_id or parent hash auto-link into a chain on verification — no separate chain store to manage.
  • Time-to-attest rubber-stamp detection. Receipts carry tta (seconds between content arrival and attestation). A receipt with tta < 10 on >500 characters is flagged on the verification page — the honest signal that "someone pressed a button" without implying "someone read it."
  • AI authorship signal consolidation. Office docProps, PDF metadata, ChatGPT / Claude export markers, and C2PA manifests all land in a single ai_markers block the verifier can read in one pass.
  • Zero-knowledge by default. Hashes and metadata travel to the signing server; the content itself never does — making AIAuth compatible with environments where the underlying file cannot be exfiltrated (healthcare, legal, classified).
  • Key-rotation survivability. The full key manifest publishes every current and retired signing key with validity windows, so a receipt signed under an old key still verifies years later.
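
The offline verification and key-rotation points above, combined with the time-to-attest flag, as an added Node.js example that is not AIAuth's own code. The manifest layout, the key_id, signed_at, signature, not_before, not_after and public_key_pem names, and the sorted-key JSON serialization are assumptions made for illustration; only tta, doc_id and receipt_id appear on this page.

```javascript
// Added example; NOT AIAuth's published format. Assumed: the manifest layout,
// the key_id / signed_at / signature fields, and sorted-key JSON as signed bytes.
const crypto = require('node:crypto');

// Deterministic serialization so signer and verifier hash identical bytes.
function canonical(v) {
  if (Array.isArray(v)) return `[${v.map(canonical).join(',')}]`;
  if (v && typeof v === 'object') {
    const items = Object.keys(v).sort().map(k => `${JSON.stringify(k)}:${canonical(v[k])}`);
    return `{${items.join(',')}}`;
  }
  return JSON.stringify(v);
}

// charCount is the length of the attested text, supplied by the verifier.
function verifyReceipt(receipt, manifest, charCount) {
  const key = manifest.keys.find(k => k.key_id === receipt.key_id);
  if (!key) return { valid: false, reason: 'unknown key' };
  // A retired key is accepted only for receipts signed inside its window.
  const t = Date.parse(receipt.signed_at);
  const inWindow = t >= Date.parse(key.not_before) &&
    (key.not_after === null || t <= Date.parse(key.not_after));
  if (!inWindow) return { valid: false, reason: 'outside key validity window' };
  const { signature, ...body } = receipt;
  const ok = crypto.verify(null, Buffer.from(canonical(body)),
    crypto.createPublicKey(key.public_key_pem), Buffer.from(String(signature), 'base64'));
  if (!ok) return { valid: false, reason: 'bad signature' };
  // Page's rule: tta < 10 seconds on more than 500 characters gets flagged.
  return { valid: true, rubberStamp: receipt.tta < 10 && charCount > 500 };
}

// Constructed demo data: throwaway keys, one retired (k1) and one current (k2).
function demo() {
  const [old, cur] = [0, 1].map(() => crypto.generateKeyPairSync('ed25519'));
  const pem = k => k.publicKey.export({ type: 'spki', format: 'pem' });
  const manifest = { keys: [
    { key_id: 'k1', public_key_pem: pem(old),
      not_before: '2024-01-01T00:00:00Z', not_after: '2025-01-01T00:00:00Z' },
    { key_id: 'k2', public_key_pem: pem(cur),
      not_before: '2025-01-01T00:00:00Z', not_after: null }] };
  const sign = (body, k) => ({ ...body, signature:
    crypto.sign(null, Buffer.from(canonical(body)), k.privateKey).toString('base64') });
  const body = { receipt_id: 'r-1', doc_id: 'd-1', key_id: 'k1',
    signed_at: '2024-06-01T12:00:00Z', tta: 4 };
  return { manifest, sign, body, old, cur };
}
```

In this sketch signed_at is asserted by the signer, so the window check rejects a retired key used after retirement only while that key stays private; a leaked retired key needs an independent timestamp or a revocation entry to contain.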

Regulatory fit

AIAuth aligns with the EU AI Act Article 50 deployer-disclosure provisions (enforcement begins August 2026) by providing a verifiable record that AI was involved and a human reviewed it. For media assets, we recommend pairing AIAuth with a C2PA implementation rather than substituting for one — AIAuth does not watermark images or embed metadata into media files. This mapping is informational; consult qualified counsel for compliance advice specific to your organization.