what is C2PA?

by Tuan Hoang · detection lead · last reviewed 2026-05-16
a chain of custody, not a truth verdict.

C2PA is an open standard for attaching cryptographically signed origin and edit history to digital media as tamper-evident ’Content Credentials.’

C2PA is a specification. it defines a manifest format: a JSON-LD bundle of “assertions” about who captured or generated a file, what edits happened, and which tools touched it. the manifest is signed by an X.509 certificate chain and either embedded in the file (JPEG, MP4, PDF, etc.) or stored alongside it. anyone with a verifier can read the manifest and confirm the signatures match.

THE PROVENANCE CHAINstep 1signed at the sourcecamera or app adds itstep 2manifest rides alongtamper-evident recordstep 3a reader verifiesintact? who signed?but platforms often strip it on upload.
C2PA: a signed manifest that rides along with the file

the coalition formed in 2021 by Adobe, Microsoft, the BBC, Intel, Truepic, and Arm, merging the Content Authenticity Initiative and Project Origin. membership now includes Google, OpenAI, Meta, Sony, Nikon, Leica, and Canon. the spec has moved past v2.1; version 2.3 landed in late 2025.

a C2PA manifest records a verifiable chain of who said what about a file. it can declare “AI-generated by DALL-E 3” as readily as “captured on a Leica M11 at this GPS coordinate.”

three practical limits matter:

Content Credentials are opt-in metadata. the absence of a manifest means nothing; only its presence is informative. most images on the open web carry no manifest.

most social platforms strip or re-encode uploads, which destroys embedded manifests. Meta began preserving C2PA on Facebook / Instagram / Threads in early 2024 for some uploads, but coverage is partial; X, TikTok, and Reddit generally don't. a clip that was signed at capture often arrives on a user's phone as a bare MP4 with no provenance left to read.

a C2PA manifest proves signed claims, not truth. a bad actor with a valid certificate can sign a lie; what they can't do is alter the manifest without breaking the signature. that's the actual security property.

C2PA proves a specific signer made specific claims about the file. the credential might say “generated by Midjourney” and that's still a valid C2PA manifest. treat it as a chain of custody, not a truth verdict.

questions

C2PA is an open standard for attaching cryptographically signed origin and edit history to digital media as tamper-evident Content Credentials. it defines a manifest format: a signed bundle of assertions about who captured or generated a file, what edits happened, and which tools touched it. it is a specification backed by Adobe, Microsoft, Google, OpenAI, Sony, and major camera makers. the spec reached version 2.3 by late 2025.

a C2PA manifest proves signed claims. it confirms a specific signer made specific claims about a file. the credential might say ‘generated by Midjourney’ as readily as ‘captured on a Leica M11.’ treat it as a chain of custody; it does not establish whether the underlying content is real.

C2PA verifies who claimed what through signed metadata attached to the file. invisible watermarks like SynthID embed a signal in the pixels themselves. the two complement each other: C2PA metadata gets stripped on re-encoding, while pixel watermarks survive that step somewhat better.

Content Credentials are opt-in, and most social platforms re-encode uploads, which destroys embedded manifests. Meta reads C2PA to label AI content on Facebook and Instagram, but Instagram still strips the manifest on upload, and X, TikTok, and Reddit do the same. a clip signed at capture often lands on a phone as a bare MP4 with no provenance left. absence of a manifest means nothing; only its presence informs you.

sources.

  1. 01
  2. 02
    Content Authenticity Initiative — membership list
    Adobe, Microsoft, Google, OpenAI, Sony, Nikon, Leica, Canon, BBC, Intel, Truepic, Arm.
  3. 03
put one through amige →is this AI? →