Proof, independent of the file.

C2PA signs content at capture. But the proof is locked inside the file, and platforms strip it on upload. We needed a way to separate the proof from the file so it survives anything.

The right foundation already exists

The root cause of all these problems is the same: digital content's origin and rightful owner are unknowable.

Detecting fakes after the fact, using AI or watermarks, is a structural arms race. As generation improves, so does the ability to fake. There is no inherent advantage for defenders.

The sound approach is to record provenance at the time of creation with cryptographic signatures. The security of these signatures depends on the integrity of signing keys, the certificate chain, and the implementation. But unlike post-hoc detection, this approach has a structural foundation rather than an endless game of catch-up.

C2PA (Coalition for Content Provenance and Authenticity), backed by Adobe, Microsoft, Google, and over 6,000 organizations, is the open standard for exactly this. It records who captured content, when, with what tool, and what edits were made, all cryptographically bound to the content.

Google Pixel signs photos with its Titan M2 chip. Sony, Nikon, and Canon cameras embed C2PA signatures. OpenAI, Google, and Adobe sign their AI-generated content with C2PA. The infrastructure is real and growing.

But proof dies when shared

C2PA verification requires two things: the full manifest data (a JUMBF container holding the signature chain, certificates, and edit history) and the complete original binary of the content itself. For a photo, that means the full-resolution capture. For a video, the entire original file. The cryptographic hash must match byte-for-byte. This tight coupling is how C2PA guarantees integrity.

The problem: nearly every social media platform, messaging app, and CDN strips the manifest and recompresses the content on upload. Facebook, Instagram, X, and YouTube all remove C2PA data and alter the binary. Once that happens, verification becomes impossible. The World Privacy Forum calls this "the primary obstacle to C2PA interoperability."

C2PA alone
Proof is in the file
Original capture
Screenshot / re-save
Social media upload
Re-download
With Title Protocol
Proof is linked on-chain
Original capture
Screenshot / re-save
Social media upload
Re-download

Even when C2PA data survives, the verified attributes inside (hardware capture proof, timestamp, edit history) can only be accessed by parsing the full manifest together with the original binary. There is no way for a third party to independently query those attributes without having the complete original file.

Existing solutions try to recover the full manifest through watermarks or centralized cloud storage. But these approaches either rely on a single company's infrastructure or attempt to reconstruct what was lost, rather than solving the underlying coupling.

To build an app where proof of authenticity actually reaches people on social media, we needed to solve a different problem: separating verified attributes from the content, so the proof remains accessible even without the complete original file.

Title Protocol: making proof independent

Extracting verified attributes from content and recording them as standalone, trustworthy records.

Title Protocol takes C2PA-signed content and verifies it inside a Trusted Execution Environment (TEE): hardware-isolated processing designed so that the server operator cannot access or alter the verification. The verified attributes are then extracted into independent on-chain records.

The result: provenance data that exists on its own. No original file needed. Anyone can query the attributes (who captured it, when, with what device, whether it was hardware-signed) directly from the blockchain.

1
Sign at capture
C2PA records who captured the content, when, and with what tool, cryptographically bound to the content.
2
Verify in isolated hardware
A TEE (currently targeting AWS Nitro Enclaves) verifies the C2PA data. The TEE is designed so that the operator cannot access the process. The verification result is signed with the TEE's internal key.
3
Extract and record
The verified attributes are extracted and linked to a compressed NFT on the Solana blockchain. Cost at current network conditions: ~$0.00015 per record. 100,000 records cost roughly $15.
4
Anyone can verify, anywhere
Your browser fetches data directly from blockchain nodes and checks the TEE signature. The proof exists independently of the content file.

What exists today and what remains unsolved

C2PA verification services and provenance registries exist. Here is where the gaps remain.

Proof that survives sharing
C2PA data is stripped by nearly every platform. Existing solutions attempt to recover the full manifest via watermarks or centralized cloud. Title Protocol takes a different approach: verified attributes exist as independent records on the blockchain, so even after C2PA metadata is stripped from the file, the provenance data remains accessible without recovering the original manifest.
Querying attributes without the file
Existing services store full C2PA manifests externally, so you still need to parse the manifest to access specific attributes. Title Protocol extracts and records individual verified attributes, making them directly queryable from the blockchain.
Cross-platform rights tracing
When content goes viral, tracing the original creator requires searching across fragmented services, each with its own ID scheme. Title Protocol uses a content ID derived from the SHA-256 hash of the C2PA manifest signature. This is a value anyone can compute from the same C2PA content, independent of Title Protocol. Rights holders are linked by wallet address, enabling cross-platform tracing through a neutral, non-proprietary identifier.
Trusting the verifier
If a company runs the verification, you must trust that company. Title Protocol uses TEE: the verification is designed to happen in hardware-isolated processing where the operator cannot intervene. The result is cryptographically signed and client-verifiable. All TEE enclave code is open source, so the verification logic itself can be independently audited. The trust shifts from a company's reputation to a publicly auditable codebase and security model.

RootLens

The reason we built Title Protocol

RootLens is a camera app that proves your photo or video was really captured, and lets you share that proof on any platform.

1.Capture a photo or video
2.The app signs it with C2PA using the device's secure hardware
3.Publish. Title Protocol extracts and records the proof
4.Share the link anywhere. Anyone can verify it

The proof outlives the app. If RootLens disappears tomorrow, the verification records remain linked to on-chain NFTs. Other applications built on Title Protocol can access the same records.

For creators who face AI-generation accusations, journalists who need verifiable evidence, and anyone whose content is worth proving real.

Open source. Open protocol.

The specification, architecture documentation, and implementation are all publicly available. You can read the docs and independently verify or reimplement the entire system.

RootLens is built on Title Protocol, an open protocol. Anyone can run a verification node, and anyone can build an application on it.

Title ProtocolRootLens

All source code is public, released under Apache 2.0.