C2PA provenance on every AI render — and why we made it non-optional
Every video, image, and post SuperPost publishes carries a cryptographic provenance manifest. Here's what it contains, why we ship it on every render, and what it means for the future of AI-generated content.
By Vuk · Co-founder
There is a quiet design choice baked into every video SuperPost renders: it carries a cryptographic record of how it was made, who made it, and what AI was involved. The record is called a C2PA manifest; C2PA is short for the Coalition for Content Provenance and Authenticity, the body that publishes the standard. Every render we ship, on every platform, has one embedded.
We get asked, occasionally, whether this is overkill for a marketing tool. The answer, in our view, is no — and this post is the long version.
What C2PA is, in 90 seconds
C2PA is an open standard for content provenance. It was founded in 2021 by Adobe, BBC, Microsoft, and Truepic, and has since been adopted by camera manufacturers (Sony, Leica, Nikon), generative AI platforms (OpenAI, Google), and a growing list of newsrooms.
The mechanism is conceptually simple. When a piece of media is created or modified, a manifest is attached to it. The manifest describes:
- Who produced it (the issuing organisation, identified by a certificate).
- What was done (capture, edit, AI generation, composition).
- When the action happened.
- Which AI models, if any, were involved, and what their inputs were.
- A cryptographic signature binding the manifest to the file's content.
Crucially, the manifest is cumulative — every subsequent edit appends a new step, and you can trace the whole production history of a file from origin to publish.
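To make the two properties above concrete (a signature that binds the manifest to the file's bytes, and a chain in which each step references the one before it), here is a small added example. It is illustrative code written for this post, not SuperPost's implementation and not the C2PA reference SDK: the producer name, model names and content bytes are constructed placeholders, and the signature is an HMAC standing in for the asymmetric, certificate-backed signature the real standard uses, so that it runs with nothing but the Python standard library.

```python
import hashlib
import hmac
import json
from typing import Optional

# Stand-in for the producer's signing key. The real standard signs the claim
# asymmetrically (COSE over an X.509 certificate chain); an HMAC keeps this
# constructed example dependency-free but means the verifier must hold the key.
DEMO_SIGNING_KEY = b"constructed-demo-key-not-a-real-secret"


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def canonical(obj) -> bytes:
    # Deterministic serialisation so the signature covers a stable byte string.
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def sign(claim: dict) -> str:
    return hmac.new(DEMO_SIGNING_KEY, canonical(claim), hashlib.sha256).hexdigest()


def make_manifest(content: bytes, producer: str, actions: list, ai_generated: bool,
                  parent: Optional[dict] = None) -> dict:
    """Build one link of the chain: a claim bound to the content bytes and to the
    previous manifest, plus a signature over the claim."""
    claim = {
        "producer": producer,
        "actions": actions,
        "ai_generated": ai_generated,
        "content_hash": sha256_hex(content),
        "parent_manifest_hash": sha256_hex(canonical(parent)) if parent else None,
    }
    return {"claim": claim, "signature": sign(claim)}


def verify_chain(content: bytes, manifests: list) -> tuple:
    """Return (ok, reason). Checks every signature, every parent link, and that the
    newest manifest binds the bytes we actually hold. Earlier manifests describe
    ingredients whose bytes are not present here, so only the last hash is checked."""
    if not manifests:
        return False, "no manifest present"
    prev = None
    for i, m in enumerate(manifests):
        if not hmac.compare_digest(sign(m["claim"]), m["signature"]):
            return False, f"manifest {i}: signature does not match claim"
        expected_parent = sha256_hex(canonical(prev)) if prev else None
        if m["claim"]["parent_manifest_hash"] != expected_parent:
            return False, f"manifest {i}: parent link broken"
        prev = m
    if manifests[-1]["claim"]["content_hash"] != sha256_hex(content):
        return False, "content hash mismatch: bytes changed after the last manifest"
    return True, "ok"


def ai_disclosed(manifests: list) -> bool:
    """True if any step in the chain declares AI-generated content, which is why the
    disclosure survives even when the final step is a plain non-AI render."""
    return any(m["claim"]["ai_generated"] for m in manifests)


def demo():
    # Constructed two-step pipeline: AI script generation, then composition/render.
    script = b"constructed script text produced by a language model"
    m1 = make_manifest(script, "Example Producer (constructed)",
                       [{"action": "c2pa.created", "model": "script-model/vN (placeholder)"}],
                       ai_generated=True)
    video = b"constructed rendered MP4 bytes"
    m2 = make_manifest(video, "Example Producer (constructed)",
                       [{"action": "c2pa.edited", "tool": "ffmpeg (version placeholder)"}],
                       ai_generated=False, parent=m1)
    return [m1, m2], video


if __name__ == "__main__":
    chain, video = demo()
    print(verify_chain(video, chain), "ai disclosed:", ai_disclosed(chain))
    print(verify_chain(video + b"\x00", chain))  # one changed byte breaks the binding
```

The verifier rejects three distinct failures with three distinct reasons: a claim edited after signing (the signature no longer matches), a chain whose steps were reordered or had a step removed (the parent link no longer matches), and content modified after the last manifest was written (the content hash no longer matches). Keeping the reasons separate is what makes the manifest useful as an audit log rather than a single pass/fail bit.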
The standard is open, the specification is public, and there's a growing list of platforms and tools that can read manifests and surface them to viewers. Right now that surface is small — a curious subset of journalists and a few platform integrations. In two years it will be much larger.
What we put in our manifests
Every video, image, and graphic that SuperPost publishes has a manifest with these claims:
- Producer: SuperPost Inc., signed with our production certificate.
- Action chain: the sequence of generation steps — script generation (model + version), voice synthesis (model + version), b-roll selection (source URL + license), composition (FFmpeg version + parameters), final render.
- Source signals: the upstream events that triggered this render — git commit hashes, release tag, feature flag state. (Hashed, not raw, so the manifest doesn't leak private repo content.)
- AI disclosure flag: explicit, machine-readable statement that the artefact contains AI-generated content. This is the bit that compliance tooling and platform AI-disclosure systems can read.
- Workspace fingerprint: a hash of the workspace ID, allowing us to verify provenance without exposing the customer's identity in the public manifest.
The manifest is then signed with our X.509 certificate (issued under our organisational trust list), embedded in the output file (in the case of MP4, in a uuid box; for PNG/JPEG, in the metadata), and shipped to the platform.
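As an added example of where that uuid box sits in an MP4, here is a minimal ISOBMFF box walker that reports whether a file carries a C2PA manifest box at all. This is illustrative code written for this post, not SuperPost's pipeline or a C2PA library. The UUID constant is the one the C2PA specification assigns to its top-level BMFF manifest box; the sample file is constructed inline, and its payload is an opaque placeholder where a real file holds a JUMBF structure (parsing JUMBF is out of scope here). The walker handles the two container edge cases that trip up naive parsers: the 64-bit `largesize` header form and a `size` of 0 meaning "box extends to end of file".

```python
import struct
import uuid

# UUID the C2PA specification assigns to its top-level BMFF manifest box.
C2PA_BOX_UUID = uuid.UUID("d8fec3d6-1b0e-483c-9297-5828877ec481")

# Constructed placeholder payload; a real box carries a JUMBF manifest store.
SAMPLE_MANIFEST = b"constructed manifest payload; a real box holds a JUMBF structure"


def iter_boxes(data: bytes, start: int = 0, end: int = None):
    """Yield (type, offset, size, header_len) for each top-level ISOBMFF box.
    Handles the 64-bit 'largesize' form (size field == 1) and the
    'to end of file' form (size field == 0), and refuses sizes that run
    past the buffer so a truncated or lying header is reported, not misread."""
    end = len(data) if end is None else end
    offset = start
    while offset + 8 <= end:
        size, kind = struct.unpack(">I4s", data[offset:offset + 8])
        header = 8
        if size == 1:
            if offset + 16 > end:
                raise ValueError(f"truncated largesize header at offset {offset}")
            size = struct.unpack(">Q", data[offset + 8:offset + 16])[0]
            header = 16
        elif size == 0:
            size = end - offset
        if size < header or offset + size > end:
            raise ValueError(f"malformed box {kind!r} at offset {offset}: size {size}")
        yield kind, offset, size, header
        offset += size
    if offset != end:
        raise ValueError(f"{end - offset} trailing bytes after last box")


def find_c2pa_boxes(data: bytes) -> list:
    """Return the payload of every top-level uuid box whose extended type is the
    C2PA UUID. Other uuid boxes (muxer metadata, etc.) are ignored."""
    payloads = []
    for kind, off, size, hdr in iter_boxes(data):
        if kind != b"uuid" or size < hdr + 16:
            continue
        ext_type = uuid.UUID(bytes=data[off + hdr:off + hdr + 16])
        if ext_type == C2PA_BOX_UUID:
            payloads.append(data[off + hdr + 16:off + size])
    return payloads


def box(kind: bytes, payload: bytes, largesize: bool = False) -> bytes:
    """Serialise one box, optionally in the 64-bit largesize form."""
    if largesize:
        return struct.pack(">I4sQ", 1, kind, 16 + len(payload)) + payload
    return struct.pack(">I4s", 8 + len(payload), kind) + payload


def build_sample_file(with_manifest: bool = True) -> bytes:
    """Constructed three-box file: ftyp, the C2PA uuid box, and an mdat whose
    size field is 0 (the 'extends to end of file' form some muxers emit)."""
    ftyp = box(b"ftyp", b"isom" + struct.pack(">I", 0x200) + b"isom")
    c2pa = b""
    if with_manifest:
        c2pa = box(b"uuid", C2PA_BOX_UUID.bytes + SAMPLE_MANIFEST, largesize=True)
    mdat = struct.pack(">I4s", 0, b"mdat") + b"\x00" * 32
    return ftyp + c2pa + mdat


if __name__ == "__main__":
    sample = build_sample_file()
    print([k for k, _, _, _ in iter_boxes(sample)])   # box types in file order
    print(find_c2pa_boxes(sample))                     # the embedded payload
    print(find_c2pa_boxes(build_sample_file(with_manifest=False)))  # []
```

Locating the box tells you only that a manifest store is present; whether the signature inside it validates, and against which trust list, is the job of a C2PA validator fed with the extracted payload. For a defender triaging files at scale, though, "has a manifest box / does not" is the cheap first filter, and a walker that errors on inconsistent sizes is safer than one that silently skips them.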
Text posts get a parallel mechanism: a structured comment in the post body (where the platform allows) plus an out-of-band manifest delivered to a public verifier endpoint, indexed by post URL.
Why we made it non-optional
Three reasons.
1. The platforms will eventually require it.
Meta, TikTok, YouTube, and X have all announced AI-disclosure policies in the last 18 months. The policies vary in strictness, but they share a common direction: AI-generated content must be machine-detectable, and the labelling mechanism must come from the producer, not be inferred by the platform after the fact. C2PA is, structurally, the path the platforms are converging on.
We could have waited until they enforced it and then bolted it on. We've watched enough teams take shortcuts on infrastructure they "knew" they'd need eventually to know how that ends — six weeks of frantic retrofitting, an emergency migration, and a backlog of posts shipped without manifests that you now have to reconcile. Better to build it in on day one.
2. Trust is the differentiator in this category.
The dominant pattern in AI-generated content right now is "ship it, don't disclose it, hope nobody asks." Our customers are technical founders who care viscerally about that pattern not becoming the default in their own marketing. If a customer's audience eventually figures out that a post was AI-generated and there was no disclosure, the brand damage is permanent.
The C2PA manifest is an unambiguous, machine-verifiable statement: "yes, this was made with AI; here is exactly which models, on which inputs, by which producer." It removes the entire class of "did they or didn't they" anxieties from the customer. Disclosure is a feature, not a liability — provided you do it well.
3. Future-you needs to be able to prove what shipped.
A non-obvious benefit of provenance manifests is that they're an audit log. If, three years from now, a customer wants to know why a particular post performed the way it did, the manifest tells you exactly which model versions produced it, with which prompts, against which signals. We use this internally for A/B test forensics — when a hook overperforms, we can trace it back to the exact rendering pipeline state and replicate it.
For customers operating in regulated industries (finance, health, government-adjacent), this audit trail is increasingly a procurement requirement. Manifests close that hole before it becomes a deal-blocker.
The trade-offs we accepted
Embedding C2PA manifests on every render is not free. There are real costs.
- Render time. Signing and embedding adds ~200ms to every render. We've optimised it down from an early ~1.2s, but it's never going to be zero.
- File size. Each manifest adds ~14KB to MP4 outputs, ~6KB to images. Negligible at our resolutions but worth noting at scale.
- Operational complexity. We maintain a certificate authority, a signing key rotation schedule, and a manifest verifier service. Those are real engineering and security commitments.
- Public-facing surface. Manifests are meant to be inspected. Anyone who knows how to read one can see exactly which models we use, in which order. This is a feature, but it's also a competitive disclosure we accepted.
We think the trade is worth it. Reasonable people might disagree. We'd rather be over-disclosed than caught short.
What it looks like in practice
If you publish a video via SuperPost, the resulting MP4 will pass through any C2PA-aware viewer (the Content Credentials site, for example) and surface a full provenance trail. You'll see "produced by SuperPost," the action chain, and the AI disclosure claim, all signed and verifiable.
For our enterprise customers, we offer a private manifest verifier endpoint — a way to confirm provenance without exposing the source signals to the public manifest. This matters for repos that aren't publicly indexed.
For everyone, the manifest is the receipt that says "this content was produced honestly, with AI, by a tool that is willing to put its certificate on the line for that statement."
Where this goes next
We're tracking the C2PA spec evolution closely. The next major revision adds richer claims for AI-derived content (e.g., "this voice synthesis was trained on the producer's authorised voice samples"), and we'll adopt those claims as soon as they're stable.
We're also exploring publishing a public, queryable provenance API — an endpoint where anyone can paste a SuperPost-published URL and get the manifest back as JSON. The original use case is journalism (verifying that a piece of marketing material claiming to be AI-generated actually was), but we suspect compliance and audit teams will end up being the bigger user base.
If you want to dig deeper, the C2PA specification site is the authoritative source, and the full data-handling story is on the legal page.
If you'd like to see a manifest get produced live on your own repo, book a demo — we'll render a sample post and inspect the resulting C2PA record together.