Verify What You See

Digital content has no built-in proof of origin. sig-share brings sigstore-style open verification to photos, videos, and media — so provenance can be verified, trusted, and properly attributed.

Learn How It WorksGet Involved

The Content Authenticity Crisis

Every day, billions of images and videos are shared without any way to verify their origin or integrity.

👤

Misattribution

Content creators have no way to prove authorship. Work is stolen, reposted, and credited to others with zero accountability.

✂️

Undetected Modification

Photos and videos are cropped, edited, and recontextualized without any trace. The original intent is lost.

🤖

AI-Generated Fakes

Synthetic media is indistinguishable from real content. There is no standard way to label or detect AI-generated material.

📡

Misinformation at Scale

Without provenance, false narratives spread unchecked. Verification is manual, slow, and inaccessible to most people.

How Open Verification Works

A three-step process that creates a verifiable chain of custody from creation to consumption.

1

Sign at Creation

Content is cryptographically signed the moment it is captured — by the camera, app, or editing tool. Identity is bound via OIDC (like sigstore's Fulcio), so creators never manage keys.

2

Log to Transparency Record

Each signing event is recorded in an append-only transparency log (like sigstore's Rekor). This creates a tamper-evident, publicly auditable record of every checkpoint.

3

Verify Anywhere

Anyone can verify the full provenance chain — who created it, what tools were used, and whether it has been modified. No special software required.

Built on Open Standards

sig-share builds on proven open source infrastructure from the sigstore and C2PA ecosystems.

Identity

Fulcio

Keyless certificate authority for identity-based signing. Creators authenticate via OIDC and receive short-lived certificates — no key management required.

Transparency

Rekor

Append-only transparency log that records every signing event. Provides tamper-evident, publicly auditable proof that content was signed at a specific time.

Standard

C2PA

Coalition for Content Provenance and Authenticity. Open standard for embedding provenance metadata directly into media files.

Library

sigstore-js

JavaScript client for sigstore signing and verification. The foundation for browser-based and Node.js content signing workflows.

Library

c2pa-js

JavaScript library for reading and validating C2PA manifests. Enables in-browser verification of content provenance claims.

sig-share

Open Verification

sig-share combines these technologies into an open verification layer for digital media — signing, logging, and verifying content provenance end-to-end.

Architecture

Content flows through a verifiable pipeline from capture to consumption, with every step recorded.

CaptureCamera
Sign at capture
+ device identity
EditingSoftware
Sign each edit
+ editor identity
PublishingPlatform
Sign on publish
+ platform stamp
VerificationConsumer
Verify chain
+ show provenance
All signing events feed into
Transparency Log
Append-only record of all signing events
Verifier Client
Queries log to verify provenance chain

Help Build the Provenance Layer

sig-share is open source. We are building the infrastructure for verifiable digital content — and we need contributors, researchers, and advocates.

View on GitHubRead the Roadmap