Sign
Issue a C2PA manifest for an asset: a signed record of the signer identity, the asset hash, and the signing time, retrievable through the API. Managed ES256 (P-256) signing with keys held by the service.
METHOD
How Hashproof works.
Content provenance is only useful if a claim signed by one party can be checked by another who does not trust them. Every design decision below follows from that one requirement. The format is open, the cryptography is standard, and the layer stays neutral.
Three primitives
Sign, resolve, verify. Everything else is built from these, exposed as one HTTP API.
Resolve
Reconnect an orphaned asset to its manifest using perceptual fingerprints, even after re-encoding or cropping. A 64-bit two-dimensional DCT hash matched by Hamming distance, with a configurable threshold.
Verify
Return validation detail and trust-list status in one response. The same structured output powers automated triage and human review.
Two ways to bind an asset to its record
C2PA supports an exact binding and a perceptual one. Knowing when to use which is most of the practical work.
Hard bindings are exact
A hard binding is a cryptographic hash of the precise bytes, optionally embedded in the file. It is unforgiving by design: any change breaks the match. This is the right default when the asset reaches the verifier intact.
Soft bindings survive transformation
A soft binding is a perceptual fingerprint that holds up under re-compression, resizing, and metadata stripping. It recovers provenance when the exact bytes no longer match anything on record, which is the common case in the wild.
A match is not a proof
Soft binding answers "is this the same asset." The signature on the resolved manifest is what establishes authenticity. The two work together: resolution reconnects, cryptography attests.
What makes it trustworthy
The properties that matter for trust live in open formats, not in our database.
Anchoring, not storage
Manifest hashes can be batched into a Merkle tree, and each batched manifest carries an inclusion proof a verifier can check against the recorded batch root via the API. Batch roots are not submitted on-chain.
Federation over the open standard
Manifests follow the C2PA 2.x specification and can federate with peer registrars. A record issued in one registrar can be resolved from its peers. The interoperability is the property that makes provenance worth having.
One substrate, many verticals
The same four primitives serve newsrooms, AI labs, insurers, and government archives. We do not build vertical products on top; partners and your own stack do. We keep the layer underneath neutral.
Read the per-primitive detail on the product pages, or the engineering write-ups on the blog.
See the primitives in one API.
Start on the Free tier and sign, resolve, and verify your first asset in a few minutes.