Skip to main content

Assertions and actions

Assertions

Assertions provide information about when, where, and how an asset was created or transformed.

In the JSON manifest, each assertion is specified by a ManifestAssertion object. All the assertions in the manifest are in the assertions array. A ManifestAssertion object has two required properties, label, a string, and data, which can contain arbitrary information; and two optional properties, kind and instance.

The standard form of an assertion in a JSON manifest is:

"assertions": [
...
{
"label": "Label string",
"data": {
// Arbitrary data in JSON-LD format ..
},
"kind": "Json" // Optional: one of “Cbor”, “Json”, “Binary”, or “Uri”
"instance" : 0 // Optional and rarely used
},
...
]

Metadata assertions

Metadata assertions include

Metadata assertions must include one or more @context properties in the data object, as explained in the JSON-LD specification. Follow the examples shown in each section.

C2PA standard assertions

The C2PA Technical Specification defines a set of standard assertions and their corresponding labels. In addition, you can define custom assertions for your specific application.

The following table summarizes some of the most important standard assertions.

AssertionLabelDescription
Actionsc2pa.actionsCreation, edits, and other actions on an asset, such as cropping, color or contrast adjustment, and so on.
"Do not train"c2pa.training-miningWhether the creator/owner of an asset grants permission to use it for data mining or AI/ML training.
Creative workstds.schema-org.CreativeWorkIndicates the asset is the product of creative effort.
Exif informationstds.exifCamera information such as maker, lens stored in Exchangeable image file format (Exif).
Content bindingsc2pa.hash.*, c2pa.soft-binding, etc.Uniquely identify portions of an asset and bind the assertion to it, for example using cryptographic hashes.
IPTC photo and video metadatastds.iptcProperties from the IPTC Photo and Video Metadata Standards, describing for example ownership, rights, and other metadata about a image or video asset.
note

The CAI SDK handles assertions for thumbnails, content bindings, and ingredients, so normally you don't need to think about them.

Do not train assertion

Assertions with the c2pa.training-mining label indicate whether permission is granted to use an asset in data mining, machine learning (ML) training, or inference. The latter is sometimes referred to as the "do not infer" assertion.

Entry KeyWhether permission is granted...Possible values of use property
c2pa.data_miningTo extract text or data from the asset for purposes of determining "patterns, trends and correlations," including images containing text, where the text could be extracted via OCR.allowed,
notAllowed,
or constrained
c2pa.ai_trainingTo use the asset to train non-generative AI/ML models, such as those used for classification, object detection, and so on.allowed,
notAllowed,
or constrained
c2pa.ai_generative_trainingTo use the asset as training data for a generative AI/ML model that could produce derivative assets.allowed,
notAllowed,
or constrained
c2pa.ai_inferenceTo use the asset as input to a trained AI/ML model for the purposes of inferring a result. Sometimes referred to as the "do not infer" assertion.allowed,
notAllowed,
or constrained

The value of each of these properties is an object with a use property that can have one of these values:

  • allowed: Permission is granted for this type of use.
  • notAllowed: Permission is NOT granted for this type of use.
  • constrained: Permission is not unconditionally granted for this use. You can provide more details (such as contact information) in the constraints_info text property.

For more information, see the C2PA Technical Specification.

For example:

"assertions": [
...
{
"label": "c2pa.training-mining",
"data": {
"entries": {
"c2pa.ai_generative_training": { "use": "notAllowed" },
"c2pa.ai_inference": { "use": "notAllowed" },
"c2pa.ai_training": { "use": "notAllowed" },
"c2pa.data_mining": {
"use": "constrained",
"constraint_info" : "Contact foo@bar.com for more information."
}
}
}
}
...
]

Creative work assertion

A creative work assertion states that an asset was the product of creative effort, such as an original photograph or artwork. Schema.org provides a set of types and metadata fields, including CreativeWork, which describes a representation of creative effort. This assertion provides information about the asset, including who created it and the date/time of publication.

A creative work assertion has the label stds.schema-org.CreativeWork.

For example:

...
"assertions": [
...
{
"label": "stds.schema-org.CreativeWork",
"data": {
"@context": "https://schema.org",
"@type": "CreativeWork",
"url": "https://stock.adobe.com/615559889"
},
"kind": "Json"
},
...
]

Exif assertion

Exchangeable image file (Exif) format is a standard for storing technical metadata in image files of JPEG, TIFF, PNG, and other formats. Most digital cameras (including smartphones), scanners and other digital capture devices use Exif to store information such as device make and model, shutter speed, ISO number, date and time of capture, location, and so on. For more information on Exif, see the Exif specification.

Use an Exif assertion to add Exif information to the asset in a way that can be validated cryptographically. An Exif assertion has the label stds.exif.

Here is a simple example:

"assertions": [
...
{
"label": "stds.exif",
"data": {
"@context" : {
"exif": "http://ns.adobe.com/exif/1.0/"
},
"exif:GPSVersionID": "2.2.0.0",
"exif:GPSLatitude": "39,21.102N",
"exif:GPSLongitude": "74,26.5737W",
"exif:GPSAltitudeRef": 0,
"exif:GPSAltitude": "100963/29890",
"exif:GPSTimeStamp": "2019-09-22T18:22:57Z"
}
}
...
]

IPTC metadata assertion

An International Press Telecommunications Council (IPTC) metadata assertion represents properties from the IPTC Photo Metadata Standard and Video Metadata Standard that describe ownership, rights, and descriptive metadata about an asset.

An IPTC assertion has the label stds.iptc and is stored in JSON-LD format using the XMP field names and structures specified in the IPTC standards.

Earlier versions of the C2PA specification defined the stds.iptc.photo-metadata label for IPTC photo metadata; starting with version 1.3, the C2PA specification defines the stds.iptc assertion that includes video metadata as well.

note

Do not use the IPTC plus:DataMining property to specify whether permission is granted to use an asset in data mining or AI/ML training. Instead use the C2PA "do not train" assertion.

For a summary reference to IPTC metadata properties, see IPTC properties.

See also:

For example:

...
"assertions": [
...
{
"label": "stds.iptc",
"data": {
"@context" : {
"Iptc4xmpCore": "http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/",
"Iptc4xmpExt": "http://iptc.org/std/Iptc4xmpExt/2008-02-29/",
"dc" : "http://purl.org/dc/elements/1.1/",
"photoshop" : "http://ns.adobe.com/photoshop/1.0/",
"plus" : "http://ns.useplus.org/ldf/xmp/1.0/",
"xmp" : "http://ns.adobe.com/xap/1.0/",
"xmpDM" : "http://ns.adobe.com/xmp/1.0/DynamicMedia/",
"xmpRights" : "http://ns.adobe.com/xap/1.0/rights/"
},
"photoshop:DateCreated": "Aug 31, 2022",
"dc:creator": [ "Julie Smith" ],
"Iptc4xmpExt:DigitalSourceType": "https://cv.iptc.org/newscodes/digitalsourcetype/digitalCapture",
"dc:rights": "Copyright (C) 2022 Example Photo Agency. All Rights Reserved.",
"photoshop:Credit": "Julie Smith/Example Photo Agency via Example Distributor",
"plus:licensor": [
{
"plus:LicensorName": "Example Photo Agency",
"plus:LicensorURL": "http://examplephotoagency.com/images/"
}
],
"xmpRights:WebStatement": "http://examplephotoagency.com/terms.html",
"xmpRights:UsageTerms": [
"Not for online publication. Germany OUT"
],
"Iptc4xmpExt:LocationCreated": {
"Iptc4xmpExt:City": "San Francisco"
},
"Iptc4xmpExt:PersonInImage": [
"Erika Fictional"
],
"Iptc4xmpCore:AltTextAccessibility": "Photo of Erika Fictional standing in front of the Golden Gate Bridge at sunset."
}
},
...
]

Content bindings

Content bindings are standard assertions such as c2pa.hash.boxes and c2pa.hash.data that uniquely identify portions of an asset. For more information on content bindings, see the C2PA Technical Specification.

note

The CAI SDK writes content bindings assertions, so normally you don't need to write them, just read them.

For example, the c2pa.hash.data assertion shown in the detailed manifest example specifies an exclusion hash:

"assertions": [
...
"c2pa.hash.data": {
"alg": "sha256",
"exclusions": [
{
"length": 51179,
"start": 20
}
],
"hash": "DcGR4k9M6aLXXCeDii4tSdX45rrIM5HSr1Wy/czQ6ro=",
"name": "jumbf manifest",
"pad": "<omitted>"
},
...
]

Custom assertions

In addition to the C2PA standard assertions, you can also define custom assertions if the standard assertions don't cover your specific needs. A custom assertion has a label string with reverse domain name notation syntax, for example com.adobe.product-foo.bar.

For example:

"assertions": [
...
{
"label": "com.truepic.libc2pa",
"data": {
"git_hash": "023bb51",
"lib_name": "Truepic C2PA C++ Library",
"lib_version": "2.5.1",
"target_spec_version": "1.2"
},
"kind": "Json"
},
...
]

Actions

Actions provide information about creation, edits, and other things that have occurred to an asset. In the manifest, an actions assertion is an array of ManifestAssertion objects. For example:

...
"assertions": [
{
"label": "c2pa.actions",
"data": {
"actions": [
{
"action": "c2pa.created",
"digitalSourceType": "http://cv.iptc.org/newscodes/digitalsourcetype/trainedAlgorithmicMedia",
"softwareAgent": "Adobe Firefly"
}
]
}
}
],
...

Each object in the actions array has the following standard properties.

PropertyRequired?DescriptionExample
actionYesThe action name. See Action names.c2pa.created
digitalSourceTypeNoA URL identifying a IPTC term. See Digital source type.http://cv.iptc.org/newscodes/digitalsourcetype/
compositeWithTrainedAlgorithmicMedia
softwareAgentNoThe software or hardware used to perform the action."Adobe Firefly"
parametersNoAdditional information describing the action.Reference to an ingredient.

Action names

The value of the action property must be either one of the pre-defined standard C2PA action strings of the form c2pa.* or a custom action name. The set of standard C2PA actions includes fundamental ones as c2pa.created for when an asset is first created, and others (c2pa.cropped, c2pa.resized, and so on) for when an asset's content is modified in some way.

For the complete list of standard actions, see the C2PA Technical Specification.

Digital source type

Use the digitalSourceType property to specify how an asset was created or modified, for example "digital capture", "digitized from negative," or "trained algorithmic media."

The value of digitalSourceType is one of the URLs specified by the International Press Telecommunications Council (IPTC) NewsCodes Digital Source Type scheme of the form http://cv.iptc.org/newscodes/digitalsourcetype/negativeFilm/<CODE>, where <CODE> is one of the codes shown in the following table.

CodeDescription
algorithmicallyEnhancedMinor augmentation or correction by algorithm.
algorithmicMediaMedia created purely by an algorithm not based on any sampled training data, e.g. an image created by software using a mathematical formula.
compositeCaptureMix or composite of several elements that are all captures of real life.
compositeSyntheticMix or composite of several elements, at least one of which is synthetic.
compositeWithTrainedAlgorithmicMediaThe compositing of trained algorithmic media with some other media, such as with inpainting or outpainting operations.
dataDrivenMediaDigital media representation of data via human programming or creativity.
digitalArtMedia created by a human using digital tools.
digitalCaptureThe digital media is captured from a real-life source using a digital camera or digital recording device.
minorHumanEditsMinor augmentation or correction by a human, such as a digitally-retouched photo used in a magazine.
negativeFilmThe digital image was digitized from a negative on film or any other transparent medium.
positiveFilmThe digital image was digitized from a positive on a transparency or any other transparent medium.
printThe digital image was digitized from an image printed on a non-transparent medium.
softwareImageThe digital image was created by computer software.
trainedAlgorithmicMediaDigital media created algorithmically using a model derived from sampled content.
virtualRecordingLive recording of virtual event based on synthetic and optionally captured elements.
note

This table is provided for convenience. For the authoritative list, see the IPTC NewsCodes Digital Source Type scheme (controlled vocabulary).

Generative AI action

To specify that an asset was created using generative AI, use the c2pa.created action with digitalSourceType that's one of:

  • trainedAlgorithmicMedia for an asset created by generative AI tools.
  • compositeWithTrainedAlgorithmicMedia for an asset that contains one or more elements that were created by generative AI tools.

For other possible values of digitalSourceType, see Digital source type.

"assertions": [
...
{
"label": "c2pa.actions",
"data": {
"actions": [
{
"action": "c2pa.created",
"digitalSourceType": "http://cv.iptc.org/newscodes/digitalsourcetype/trainedAlgorithmicMedia",
"softwareAgent": "<TOOL_NAME>"
}
]
}
}
...
]

Where <TOOL_NAME> is the name of the generative AI tool or service.

Parameters

The parameters property can contain any data that provide more details on the action, for example:

"actions": [
{
"action": "c2pa.color_adjustments",
"parameters": {
"com.adobe.acr": "Contrast2012",
"com.adobe.acr.value": "26"
}
},
...
]

For more information on action parameters, see the C2PA Technical Specification.

The instanceId property

The instanceId property identifies an ingredient (with a matching value of instance_id) used in an action and is only used when defining/writing a manifest, not reading one.

"ingredients": [
{
...
"instance_id": "<String-instance-ID-of-ingredient>",
...
},
...
"actions": [
{
"action": "c2pa.*",
"instanceId": "<String-instance-ID-of-ingredient>",
"parameters": {
"ingredient": {
"hash": "tTBD4/E0R0AjLUdJFpsVz3lE/KJUq22Vz0UGqzhEpVs=",
"url": "self#jumbf=c2pa.assertions/c2pa.ingredient"
}
}
},
...
]

For example, the following action identifies that the c2pa.opened action was performed on the ingredient with ID xmp.did:813ee422-9736-4cdc-9be6-4e35ed8e41cb:

"ingredients": [
{
"title": "A.jpg",
"format": "image/jpeg",
"document_id": "xmp.did:813ee422-9736-4cdc-9be6-4e35ed8e41cb",
"instance_id": "xmp.iid:813ee422-9736-4cdc-9be6-4e35ed8e41cb",
"thumbnail": {
"format": "image/jpeg",
"identifier": "xmp.iid-813ee422-9736-4cdc-9be6-4e35ed8e41cb.jpg"
},
"relationship": "parentOf"
},
...
],
"assertions": [
...
{
"label": "c2pa.actions",
"data": {
"actions": [
{
"action": "c2pa.opened",
"instanceId": "xmp.iid:813ee422-9736-4cdc-9be6-4e35ed8e41cb",
"parameters": {
"ingredient": {
"hash": "tTBD4/E0R0AjLUdJFpsVz3lE/KJUq22Vz0UGqzhEpVs=",
"url": "self#jumbf=c2pa.assertions/c2pa.ingredient"
}
}
},
...
]
}
}
],
...

V2 actions

This documentation covers C2PA v1 actions. The C2PA Technical Specification also describes expanded v2 actions. V1 actions are fully specified in the actions array. However, a v2 action may either be specified by an element of the actions array or from an element in the templates array with the same action name.

There are some additional differences between v1 and v2 actions, for example in v2, softwareAgent is a ClaimGeneratorInfo structure instead of a string. The CAI APIs can read all v2 actions and write most v2 actions.