Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings
Discussion options

timbray
Oct 31, 2024

C2PA's official home is at https://contentauthenticity.org, the open-source software is at https://github.com/contentauth/c2patool, more depth at https://contentcredentials.org, slightly more human-readable explanatory blogs (from me) at https://www.tbray.org/ongoing/When/202x/2023/10/28/C2PA-Workflows and https://www.tbray.org/ongoing/When/202x/2024/10/29/Lane-Provenance

Tl;dr: PKI-based provable provenance for media files. Extra goodies: Details about what devices and software were involved in creating/manipulating the image.

Disclosure: No relationship with any of the C2PA organizations, just a photographer who cares about provenance and disinformation.

In a world with a lot of C2PA, what libvips should do is straightforward: Write a C2PA manifest into the EXIF saying the image was updated with libvips and some info about what was done. For extra credit, insert some identity information, e.g. a social media account, there are plenty of easy-to-access identity providers people might want to use. If there was already a C2PA manifest there do the right signature-chain things.
You must be logged in to vote

Replies: 5 comments · 1 reply

Comment options

renchap
Oct 31, 2024

This would be very useful for us at Mastodon, as providing trusted information about an image source/processing is critical in those time of misinformation and AI-generated images.

In our case, we could really use a way to add the identity information (Mastodon account) when the image is posted, and have an easy way to read the metadata so it could be returned by our API / displayed in the UI.

I think this is a project that could be accepted into one of NLNet's open-source funding programs, and the Mastodon project can back the application if thats needed.
You must be logged in to vote
0 replies
Comment options

yawnbox
Mar 15, 2025

More and more cameras support C2PA (I keep a list here https://c2pa.camera), journalistic integrity on fedi could really use this.
You must be logged in to vote
0 replies
Comment options

jcupitt
Mar 15, 2025
Maintainer

I've made an enhancement issue. Thanks for suggesting this!
You must be logged in to vote
1 reply
@jcupitt
Comment options

jcupitt Aug 22, 2025
Maintainer

The enhancement issue: #4420

(not sure why github didn't link it automatically)
Comment options

cmahnke
Jun 18, 2025

Just noticed this discussion, I wrote a related blog article on a use case some months ago:
https://christianmahnke.de/en/post/digital-provenance/
You must be logged in to vote
0 replies
Comment options

timbray
Jun 18, 2025
Author

By a weird coincidence, I just in the last ten minutes published this: https://www.tbray.org/ongoing/When/202x/2025/06/17/More-C2PA

It talks (among other things) about issues with open-source and C2PA.
You must be logged in to vote
0 replies
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Category
💡
Ideas
Labels
None yet
5 participants
@timbray @renchap @cmahnke @jcupitt @yawnbox
Morty Proxy This is a proxified and sanitized view of the page, visit original site.