Skip to content

MANAGED SIGNING

Issue C2PA manifests through one HTTP call.

Hashproof signs C2PA 2.x manifests with managed keys. ES256 signatures, Merkle batch inclusion proofs, and computed content-address CIDs. One endpoint: POST /v1/sign.

What you get

Four properties of the signing pipeline. None of them require additional configuration.

Managed keys

Hashproof holds the signing keys on your behalf. Keys never leave the signing service.

Hybrid signatures

Each signing request is signed with ES256; the manifest records the signer identity, signing time, and algorithm label, plus an additive ML-DSA-65 assertion. On runtimes without ML-DSA support the assertion is a labeled simulation, not a cryptographic signature.

Merkle batch proofs

Each signed manifest can be batched as a leaf in a Merkle tree. The inclusion proof binds the manifest ID and content hash to the recorded batch root, retrievable from the API.

Content-addressed storage

Every manifest gets a computed IPFS CIDv1 as a secondary identifier, with optional pinning. Raw bytes live in S3-compatible object storage.

How a signature happens

One request fans out to four data planes. Signing returns synchronously; Merkle batching runs separately via the anchoring endpoint.

  1. 01

    POST a binary

    Send the asset (image, audio, video, document) to /v1/sign with a title. Multipart form data; up to 50 MB per request.

  2. 02

    Server signs with managed key

    The signing service hashes the asset, builds a C2PA 2.x claim, and signs with the service-held ES256 key, adding an ML-DSA-65 assertion. The raw key never leaves the signing service.

  3. 03

    Manifest stored, CID returned

    The uploaded bytes are stored in object storage with a computed CID; the manifest record is indexed in Postgres. The response carries a manifest ID, the manifest, and the signature algorithm.

  4. 04

    Batched for anchoring

    The manifest is eligible for the next Merkle batch. Once batched, GET /v1/manifests/:id/proof returns the inclusion path, verified against the recorded batch root.

Minimal request

cURL is enough. The TypeScript SDK wraps the same call with typed responses.

curl -X POST https://api.hashproof.ai/v1/sign \
  -H "x-api-key: $HASHPROOF_API_KEY" \
  -F "file=@/path/to/image.jpg" \
  -F "title=Q3 launch hero"

# => {
#   "manifestId": "01JS7Z...",
#   "manifest": { "cid": "bafkrei...", "signatureInfo": { "algorithm": "ES256+ML-DSA-65", ... }, ... },
#   "signedAssetUrl": null,
#   "message": "Asset signed and manifest stored successfully"
# }

Related capabilities

Signing is the first verb of three. The full triple is what makes provenance load-bearing.

Resolve

Find the manifest after re-encodes, crops, or platform compression. pHash + Hamming threshold lookup over stored manifests.

Verify

One call checks provenance for any asset signed through Hashproof and returns validation detail and trust status.

Compliance reports

EU AI Act Article 50 reports generated from the manifests you store. Per-manifest findings and summary counters, returned as JSON.

Sign your first manifest in 60 seconds.

Free tier includes 1,000 signed manifests per month. No credit card.