Roadmap

sig-share is building open verification infrastructure for digital content. Here is where we are and where we are headed.

Phase 0 Landing Page & Web Presence

Landing Page

Complete
  • Hero, how-it-works, and CTA sections
  • SEO fundamentals, Open Graph, Twitter cards
  • Structured data (JSON-LD), sitemap, robots.txt

Content & Resources

Complete
  • Articles explaining the technology and ecosystem
  • Curated resources page linking to standards, libraries, and tools
  • FAQ addressing common questions

Sustainability & Funding Strategy

Complete
  • Open source funding model documented
  • Grant opportunities identified (NLnet, Sovereign Tech Fund, Mozilla)
  • Enterprise licensing tiers defined

Phase 1 Core Signing Library

Manifest Format

Planned
  • Define manifest format aligned with C2PA structure
  • Support embedding in JPEG, PNG, MP4, and WebM
  • Assertion types: authorship, creation tool, AI involvement, edit history

Signing & Verification

Planned
  • Keyless signing via OIDC (Fulcio model) using sigstore-js
  • Checkpoint creation and chaining
  • Rekor transparency log integration
  • TypeScript/JS library for integration

Phase 2 CLI & Proof of Concept

CLI Tool

Planned
  • sign, verify, inspect, and checkpoint commands
  • Human-readable provenance chain output

Web Demo

Planned
  • Upload-and-sign workflow in the browser
  • Visual provenance chain viewer
  • Side-by-side verified vs. unverified comparison

Phase 3 Transparency Log

Log Infrastructure

Planned
  • Append-only Merkle tree log service
  • OIDC identity integration for keyless signing
  • Privacy-preserving options: pseudonymous signing, selective disclosure

Phase 4 Ecosystem Integration

Integrations & Adoption

Planned
  • Camera and device signing (mobile SDK, firmware partnerships)
  • Editing software plugins (Photoshop, Lightroom, GIMP)
  • Browser extension and embeddable verification widget
  • CMS plugins, CDN-level verification, platform integrations

Phase 5 Advanced Features

Future Capabilities

Planned
  • Video signing with frame-level checkpoints
  • AI-generated content labeling (model identity, prompt hash)
  • Cross-log federation and batch signing for publishers
  • Content diff visualization between checkpoints

Industry Developments

The content provenance ecosystem is moving fast. Here are recent developments shaping the landscape.

C2PA v2.2 released, ISO fast-track underway

2025

The C2PA spec reached v2.2 with improved cloud signing workflows and a streamlined trust model. The standard is on an ISO fast-track process, signaling broad industry commitment.

Camera manufacturers shipping C2PA support

2025

Sony enabled C2PA signing in their Alpha series. Leica, Nikon, and Canon have announced or shipped firmware updates for in-camera content credentials. Google Pixel devices now support C2PA capture.

Adobe Content Authenticity Initiative grows to 5,000+ members

2025

The CAI expanded to over 5,000 member organizations. Adobe shipped Content Credentials across Photoshop, Lightroom, Premiere Pro, and Firefly, making provenance a default part of creative workflows.

EU AI Act transparency rules taking effect

2025–2026

The EU AI Act requires AI-generated content to be labeled with machine-readable provenance metadata. C2PA-based Content Credentials are emerging as the leading implementation approach.

Platform adoption accelerating

2025–2026

Meta, LinkedIn, and Google have integrated content credential display into their platforms. The challenge of metadata stripping during upload remains an active area of work.

Sigstore reaches general availability milestones

2025

Cosign v3 and Rekor v2 reached general availability, with improved performance and broader ecosystem support. The sigstore model is now the default for major package registries including npm and PyPI.

Want to get involved?

sig-share is open source. Check out the full technical roadmap on GitHub or join the conversation.

View on GitHubRead Articles