This project has been built by the team at Digimarc Labs. Digimarc is a digital watermarking leader committed to building an digital ecosystem of trust protecting content creators and consumers.
To make C2PA manifests more resilient, Digimarc offers free Digital Watermark Embedding and Detection Tools to Device and Chip Manufacturers and Content Creation Platforms. Contact us if you'd like to learn more about this offer.
In a world where misinformation or AI generated content can spread rapidly, establishing trust and authenticity in digital media has never been more critical. The Coalition for Content Provenance and Authenticity C2PA is a cross-industry standards development organization addressing the prevalence of misleading information online. This timely issue is tackled through the development of open technical standards for certifying the source and history (or provenance) of media content referred to as Content Credentials.
This repository provides an implementation of a C2PA manifest validator running directly in Chrome as a browser extension. Its purpose is to validate and display Content Credentials for JPEG images and MPEG videos that embed a C2PA compliant manifest. Thanks to the validation being done independently of the site a user is surfing on, it should enable users to make better decisions about which image should and shouldn’t be trusted.
This project is built on top of the open source C2PA-JS Library built by the Content Authenticity Initiative team and we would like to thank them here for their pioneering work. The full list of libraries used in this project can be found here.
Warning: This is an early and experimental release of this extension subject to material changes. A number of issues are known and we welcome feedback by submitting issues.
The extension is available on the Chrome Web Store and can be installed from there.
- Download the zip archive of the latest release
- Unzip the archive
- Open Chrome and go to
chrome://extensions. - Enable Developer Mode (top right corner).
- Click on
Load unpacked. - Select the unzipped folder.
- Try it out! (see Usage below)
Once the extension is installed, you have 2 ways of verifying and displaying Content Credentials:
In this default mode you need to actively seek verification. Right click on an image and select Verify Content Credentials. If a C2PA manifest is available the pin icon will appear. Hovering the mouse on the pin will display the provenance information.
In this experimental mode all images are automatically scanned for C2PA manifest in the background. To activate this mode click on the plugin icon on the top right, it will display a popup window.
Switch the toggle Automatically validate C2PA manifests to ON.
When the extension is enabled, you will now see the C2PA pin on top of every image that contains a C2PA manifest in the website loaded in the active tab. Hover the mouse on the pin and the extension will reveal the image provenance information.
Test the extension on the 2 images below. One of the photo was taken last year and one was generated by AI. Can you guess which one is real? The extension will help you!
You can also check out the code and install the extension locally
- Clone this repository.
- Fetch the
c2pa-jsfork with:git submodule update --init --recursive - Run:
git submodule update --remote - Run
npm install. - Build the extension:
npm run buildor./scripts/build.sh - Open Chrome and go to
chrome://extensions. - Enable Developer Mode (top right corner).
- Click on
Load unpacked. - Select the
buildextension folder. - Try it out! (see Usage)
The current version of the extension supports:
- JPG / JPEG and PNG images
- MPEG (MP4) videos
- MP3 and WAV audio files
We are working on adding support for more image, video and audio types.
In order to handle websites that are already using the official C2PA web components library c2pa-wc and to maintain a consistent UI experience, we need to actively remove all the CAI icons that are already present to avoid conflicts and misleading information.
Here is a list of the components we currently remove when the extension is enabled:
cai-popover|cai-indicator|cai-manifest-summary
Because the browser extension runs completely locally in the browser, there are restrictions to access the website's images depending on how they are made available. Most will be accessed by their property src as long as it is a public url, otherwise the extension will try to transform it to a dataURI so that it can be processed in the sandbox, but this is also known not to work in all the cases, depending on the type and location of the images.
We encourage anyone in the community to contribute to the project, this can be done in different ways:
Fork the repository and create a new branch for your feature.
We currently use the following versions of Node and NPM:
npm: >= 10.2.2
node: >= 20.9.0
Follow the Local Installation instructions above to get your local version ready.
Run npm run test to ensure that all tests are passing.
Implement your feature, as necessary, add tests if needed and send a Pull Request
(We recommend that you run the linter first: npm run lint)
Alternatively, you can create an issue with a bug report or a new feature request in the Github project.
When contributing, make sure to update the version of the library in the package.json file.
In order to have a light version of the extension, where you have only the necessary files that the extension needs to work, you can run:
npm run build
or
./scripts/build.sh
It will create a build folder. This contains the final extension code.
npm run test
This project is licensed under the MIT License - see the LICENSE file for details.
This project has been built by the team at Digimarc Labs. Digimarc is a digital watermarking leader committed to building an digital ecosystem of trust protecting content creators and consumers.
To make C2PA manifests more resilient, Digimarc offers free Digital Watermark Embedding and Detection Tools to Device and Chip Manufacturers and Content Creation Platforms. Contact us if you'd like to learn more about this offer.
This project is built on top of many great open source projects starting with C2PA-JS Library built by the Content Authenticity Initiative team. We would like to thank them here for their pioneering work. The full list of libraries and their respective licenses used in this project can be found here.