- C2PA (Coalition for Content Provenance and Authenticity) is an open standard for recording and verifying where a piece of content came from and how it was edited.
- A C2PA manifest travels with a file. It holds assertions about the content, references to the ingredients used to make it, and a cryptographic signature binding all of it to that specific file.
- Provenance is not a watermark. A watermark hides a mark in the content; a C2PA manifest is a signed, structured record you can validate against the published spec at spec.c2pa.org.
- Content provenance matters for AI because an answer is only as trustworthy as its sources. Provenance lets you confirm a source is authentic and unaltered before the model relies on it.
- Provenance and an audit trail answer different questions: provenance proves where content came from; an audit trail proves who accessed it. A verifiable company brain needs both.
C2PA, short for the Coalition for Content Provenance and Authenticity, is an open technical standard for recording where digital content came from and how it has changed. It attaches a signed manifest to a file containing assertions about its origin and edit history, plus references to the ingredients used to create it. For company knowledge and AI provenance, it means every source and every answer can carry a verifiable origin.
What is C2PA?
C2PA is an open technical standard for content provenance, maintained by the Coalition for Content Provenance and Authenticity and published at spec.c2pa.org. It defines how to attach tamper-evident provenance data to images, documents, audio, and video, so anyone can check where a file came from and how it has been modified. Founding participants include Adobe, Microsoft, Intel, Arm, the BBC, and Truepic.
The standard grew out of two efforts to fight manipulated media: the Content Authenticity Initiative and Project Origin. The goal was a single, interoperable way to express provenance that any tool could write and any tool could verify. As AI now generates and edits a growing share of content, that same machinery is what lets you tell an authentic source from a synthetic or altered one.
What is a C2PA manifest?
A C2PA manifest is the package of provenance information bound to a file. It contains one or more assertions (statements about the content), a claim that gathers those assertions together, and a claim signature from the actor or tool that created it. The manifest is cryptographically bound to the file by hashing, so any later change to the content breaks the binding and is detectable when the file is validated.
Manifests accumulate rather than overwrite. As a file moves through tools, each step can add its own manifest, building a manifest store that records the full history. Validating a file walks that chain and checks every signature, which is how a viewer can confirm not just the latest edit but the entire path the content took to get here.
What are assertions and ingredients?
Assertions are individual signed statements inside a manifest: who created the content, what tool was used, what edits were applied, and when. Ingredients are references to other assets used to produce the current one, so a derived file points back to its sources. Together, assertions and ingredients form a provenance graph: a verifiable lineage from a finished asset back through every source that fed it.
That lineage is exactly what you want behind an AI answer. An answer assembled from three documents can, in principle, carry ingredient references back to those three sources, each with its own assertions about origin and authenticity. Instead of a confident paragraph from nowhere, you get a result you can trace, source by source, to material whose provenance checks out.
Why does content provenance matter for AI answers?
Content provenance matters for AI because a generated answer inherits the trustworthiness of its sources, and a model cannot tell an authentic document from a tampered one on its own. Provenance lets the system verify that each source is genuine and unaltered before it grounds an answer in it. Without provenance, an AI answer is confident but unaccountable: you cannot show where it actually came from.
The stakes rise as more content is itself AI-generated. When synthetic and edited material circulates freely, the question 'is this source real' stops being rhetorical. AI provenance, built on C2PA, gives a company brain a way to prefer and prove authentic sources, so the answers it produces rest on material with a checkable origin rather than on whatever was most relevant.
How is C2PA different from a watermark?
A watermark embeds a hidden or visible mark in the content itself, which can be cropped, compressed, or stripped away. C2PA instead attaches a signed, structured manifest describing the content's origin and history, and binds it cryptographically so tampering is detectable rather than merely discouraged. A watermark asks you to spot a mark; C2PA lets you validate a signature against the published specification.
The two are complementary, not competing. A watermark can survive having the manifest stripped, while a manifest carries far richer, verifiable detail than a mark ever could. For company knowledge, the manifest is the workhorse: it is the part that proves origin and edit history in a form an auditor or an agent can check programmatically.
How does C2PA fit a company brain?
In a company brain, C2PA gives every connected source and every generated answer a verifiable origin. When the brain answers, provenance travels with the result, so a reader or an auditor can trace the answer back to authentic, unaltered sources. Combined with permission-aware retrieval and a content-blind audit log, provenance is the third leg of a brain you can prove, not just trust.
AIVM Brain carries C2PA content provenance on sources and answers as a standard part of its verifiable-AI posture. You bring your own model key, nothing you connect trains a model, and provenance sits alongside the audit trail and ERC-8004 agent identity. It is free to start with one command: npx @aivm/brain init.
C2PA vs an audit trail: what each proves
C2PA and an audit trail prove different things, and you want both. Provenance answers 'where did this content come from and how was it changed', as a signed lineage attached to the file. An audit trail answers 'who accessed this, and when', as a tamper-evident log of events. Provenance secures the source; the audit secures the access. Together they make an AI answer fully accountable.
Pair them and the picture closes. C2PA tells you a source is authentic; the audit log, optionally anchored on-chain, tells you exactly who or which agent retrieved it. One without the other leaves a gap: authentic sources accessed by unknown parties, or known access to sources of unknown origin. The verifiable answer needs both legs standing.