Introduction
You're strongly encouraged to read this introduction and Getting started to give you some basic background and context, before you dive right into development. Working with manifests also has some crucial information, regardless of which language and library you use.
Overview
The Coalition for Content Provenance and Authenticity (C2PA) creates formal standards for the source and history (or provenance) of media content.
The Content Authenticity Initiative (CAI) is an Adobe-led cross-industry consortium that advocates for the adoption of Content Credentials based on C2PA standards. CAI develops and maintains open-source software based on C2PA technical specifications.
| Website | Organization | Purpose / Description |
|---|---|---|
| c2pa.org | C2PA / Linux Foundation | Standards body Technical specifications and guidance documents |
| contentcredentials.org | C2PA | Consumer-friendly site |
| Verify | C2PA | Web-based tool to display Content Credentials. For more information, see Using the Verify tool |
| contentauthenticity.org | CAI | Industry consortium Open-source software and community resources |
C2PA
C2PA provides the technical specifications and open standards for content provenance for use by creators, editors, publishers, media platforms, and consumers. C2PA is a mutually-governed standards development organization (SDO) under the structure of the Linux Foundation’s Joint Development Foundation.
The "cr" icon
The "cr" icon is trademarked by the C2PA and is the de facto mark for C2PA user experiences. C2PA members can use this icon to provide a consistent user experience and set expectations that an application, tool, or website implements C2PA standards.
For detailed guidance on using the "cr" icon, see C2PA User Experience Guidance for Implementers.
CAI
The CAI is creating a secure end-to-end system for digital content provenance through open-source development and cross-industry collaboration. CAI members include Adobe, Microsoft, The New York Times Co., The Associated Press, Intel, Qualcomm, and many more.
CAI open-source SDK
The Content Authenticity Initiative's open-source SDK (software development kit) consists of:
- The c2patool command-line tool: a command-line tool for working with C2PA manifests and media assets (audio, image or video files).
- The JavaScript library (also known as the JavaScript SDK): Client JavaScript library for code that runs, for example, in a web browser.
- Libraries for other programming languages: Prerelease libraries for C++/C, Python, and Node.js.
- The Rust library, which is the code that underlies everything else. It's the "source of truth" that generates all the other APIs.
C2PA Tool
C2PA Tool (c2patool) is a command-line utility for working with C2PA manifest data. Use this tool to work with assets in a supported file format to:
- Read a JSON report of manifest data.
- Attach a manifest store to an asset, if it doesn't already have an associated manifest store.
- Add a manifest to to the associated manifest store if the asset does have an associated manifest store.
JavaScript library
The client JavaScript library enables working with manifest data in the browser. Use this library to:
- Verify and display manifest data on a website or web application.
- Link manifest data displayed on your site to Verify.
- Easily add user interface elements to your website that display manifest data while following the C2PA user experience recommendations.
Other language libraries
The C++/C, Python, and Node.js libraries enable applications written in those languages to create, verify, and display Content Credentials.
These libraries are all early prerelease versions. They may have bugs and unimplemented features, and their APIs are subject to change.
Rust library
The CAI Rust library enables adding C2PA capabilities to a desktop, mobile, or embedded application. The Rust library is the fundamental system underlying everything else. The c2patool uses it "under the hood" and language-specific APIs are generated from it.
You can use the Rust library via the Foreign Function Interface (FFI) to:
- Create and sign C2PA claims and manifests.
- Embed a manifest store into certain asset file formats.
- Parse and validate manifests found in certain asset file formats.