Content Authenticity Federation

A seal that survives the internet.

AI can now fabricate anything that looks real. A photograph of Lincoln. A nineteenth-century letter. A page from a history book. Nobody on the internet can tell the difference.

The libraries, newsrooms, and museums whose job is to keep what's real have no way to prove it's theirs. A student citing a fake NYPL photograph in their paper has no way to know.

Try it How it works On GitHub
Demonstration

Verify something.

Upload a file or paste a URL. Results in under a second.

The file's SHA-256 must match the credential's contentHash claim.

or

We'll fetch it and auto-discover a credential at <url>.vc if one exists.

Paste manually only if auto-discovery doesn't find one.

How it works

Three moves. No blockchain.

1.

Identity

Each institution publishes a small identity file at its own domain — e.g. nypl.org/.well-known/did.json. No registry. The domain is the identity.

2.

Seal

For every item they publish, they sign a small attestation: "this content hash is ours." Ed25519, W3C Verifiable Credentials. Millions of items in minutes.

3.

Verify

Any reader, anywhere, resolves the identity file and checks the math. Green, grey, or red — in one HTTPS round trip. Works offline after first fetch.

Technical

The protocol.

Protocol
caf/0.1
Node DID
did:web:sigillo.ai
Identity
/.well-known/did.json
Node info
/v1/node
Verify API
POST /v1/verify
Signatures
EdDSA (Ed25519) over JWS
Built on
W3C DIDs · W3C Verifiable Credentials · C2PA-compatible
License
Open source · MIT