CAI open source SDK
You're strongly encouraged to read this introduction and Getting started to give you some basic background and context, before you dive right into development. Working with manifests also has some crucial information, regardless of which language and library you use.
The Coalition for Content Provenance and Authenticity (C2PA) and Content Authenticity Initiative (CAI) are groups working together to develop and promote adoption of an open industry standard for content authenticity and provenance.
What's in the SDK
The CAI open-source SDK (software development kit) is a set of tools and libraries that enable developers to create, verify, and display Content Credentials based on C2PA standards.
The CAI open-source SDK consists of:
- C2PA Tool: a command-line tool for working with C2PA manifests and media assets.
- The JavaScript library (also known as the JavaScript SDK): Client JavaScript library for code that runs, for example, in a web browser.
- Prerelease libraries for Node.js, Python, and C++/C.
- The Rust library, which is the code that underlies everything else. It's the "source of truth" that all the other libraries use.
To see a summary of what each tool and library can do, see Which tool is right for you?.
C2PA Tool
C2PA Tool, is a command-line utility for working with C2PA manifest data. Use this tool to work with assets in a supported file format to:
- Read a JSON report of manifest data.
- Attach a manifest store to an asset, if it doesn't already have an associated manifest store.
- Add a manifest to to the associated manifest store if the asset does have an associated manifest store.
JavaScript library
The client JavaScript library enables working with manifest data in the browser. Use this library to:
- Verify and display manifest data on a website or web application.
- Link manifest data displayed on your site to Verify.
- Easily add user interface elements to your website that display manifest data while following the C2PA user experience recommendations.
Prerelease libraries
The C++/C, Python, and Node.js libraries enable applications written in those languages to create, verify, and display Content Credentials.
These libraries are all early prerelease versions. They may have bugs and unimplemented features, and their APIs are subject to change.
Rust library
The Rust library enables adding C2PA capabilities to a desktop, mobile, or embedded application. The Rust library is the fundamental system underlying everything else. C2PA Tool uses it "under the hood" and language-specific APIs are generated from it.
You can use the Rust library via the Foreign Function Interface (FFI) to:
- Create and sign C2PA claims and manifests.
- Embed a manifest store into certain asset file formats.
- Parse and validate manifests found in certain asset file formats.
Which tool is right for you?
| Use To... | JavaScript Library | C2PA Tool | Prerelease Libraries | Rust Library |
|---|---|---|---|---|
| Display C2PA data on your site or app |  | | | |
| Link C2PA data displayed on your site to Verify | | | | |
| Write C2PA data into files | | | | |
| Quickly create and inspect C2PA data | | | | |
| Customize displaying and creating C2PA data | | | ||
| Deploy on web, mobile, and desktop | | |
More information
For more information about the C2PA and CAI, see the following websites:
| Website | Organization | Purpose / Description |
|---|---|---|
| c2pa.org | C2PA / Linux Foundation | Standards body Technical specifications and guidance documents |
| contentcredentials.org | C2PA | Consumer-friendly site |
| Verify | C2PA | Web-based tool to display Content Credentials. For more information, see Using the Verify tool |
| contentauthenticity.org | CAI | Industry consortium Open-source software and community resources |
C2PA
C2PA provides the formal technical specifications and open standards for content provenance for use by creators, editors, publishers, media platforms, and consumers. C2PA is a mutually-governed standards development organization (SDO) under the structure of the Linux Foundation’s Joint Development Foundation.
The "cr" icon
The "cr" icon is trademarked by the C2PA and is the de facto mark for C2PA user experiences. C2PA members can use this icon to provide a consistent user experience and set expectations that an application, tool, or website implements C2PA standards.
For detailed guidance on using the "cr" icon, see C2PA User Experience Guidance for Implementers.
CAI
CAI is an Adobe-led cross-industry consortium that advocates for the adoption of Content Credentials based on C2PA standards. CAI develops and maintains open-source software based on C2PA technical specifications. CAI members include Adobe, Microsoft, The New York Times Co., The Associated Press, Intel, Qualcomm, and many more.