Sign, Resolve, and Verify
MANAGED SIGNING & STORAGE
Sign C2PA manifests at any volume.
Hashproof issues signed C2PA manifests with managed keys, Merkle inclusion proofs, and pHash indexing. Signed assets are stored with computed content-address CIDs; batched manifests carry verifiable inclusion proofs.
- ES256 (P-256) signing
- Merkle batch inclusion proofs
- Content-address CIDs (IPFS CIDv1)
SOFT-BINDING LOOKUP
Find the manifest after re-encodes and crops.
pHash-based resolution keeps provenance anchored through platform transformations. Hamming-distance thresholds are configurable; the API returns ranked candidates with similarity scores.
- 2D-DCT perceptual hashing
- 10-bit Hamming threshold default
- Multi-candidate response shape
CRYPTOGRAPHIC PROOF
Confirm authenticity in one call.
Upload a binary to the verify endpoint. Hashproof returns C2PA chain validation, signature check, and trust-list matching, plus a structured trust-status field ready to render.
- Signature + chain check
- Trust-list match
- Lineage DAG via the manifests API
Federation and compliance
TRUST FEDERATION
Resolve across federated registrars.
Connect to peer registrars and resolve across them. Cascading resolution fetches matches from federated peers, so provenance stays reachable across registrar boundaries.
Learn moreCOMPLIANCE REPORTING
Generate EU AI Act reports.
Turn your stored manifests into EU AI Act Article 50 reports. Every finding cites the manifest it came from, with per-manifest issues, six summary counters, and a persisted report history behind one synchronous endpoint.
Learn moreimport { HashproofClient } from '@hashproof/sdk';
const hp = new HashproofClient({ apiKey: 'hpsk_...' });
const result = await hp.verify(photo);
console.log(result.trustStatus);
// → "trusted"npm install @hashproof/sdk
# or
pnpm add @hashproof/sdk