Try For Free

Please install Yoast or RankMath to use breadcrumbs.

Cryptographic Authorship Proof for the Generative-AI Era

Generative AI made content cheap. It also made content impossible to authenticate by looking at it. A polished blog post might be by a real expert, or by a contractor, or by GPT-5 with light editing, or by a black-hat farm flooding the internet with synthetic content for SEO. From the reader’s side, it’s increasingly hard to tell. From an AI assistant’s side, it’s the same problem at scale.

This is where cryptographic authorship proof comes in.

What we’re solving

AI systems are increasingly cautious about citing content from sources they can’t verify. The reasoning: if you cite a hallucination or a coordinated misinformation post as authoritative, you propagate the error. Models are getting better at provenance checks, and “did the publisher actually attest to this?” is becoming a real signal.

Traditional web identity is weak. The byline at the top of an article is just text. The author field in HTML is just text. Schema.org’s author field is structured but still just declarative — it asserts an author but doesn’t prove the author endorsed the content.

How AIOX signing works

Every AIOX Capsule is signed with an Ed25519 keypair generated for your domain. The private key stays server-side, in the AIOX backend; it’s never sent to AI providers or stored in your browser. The public key is published at /aiox-pubkey/ on your site so any party can verify.

The signature covers the entire Capsule (minus the signature field itself): content text, schema, license, authorship, publication date. Any change to any field invalidates the signature. An AI system verifying the Capsule can confirm: “this content was attested to by the owner of this domain, with these specific terms, at this exact moment.”

The crypto itself is standard Ed25519 — well-vetted, fast (less than 1ms per signature on commodity hardware), and supported in every modern programming language.

What it enables

  • Revocation — if you want to withdraw content (legal reasons, factual correction, change of heart), you publish a revocation Capsule signed with the same key. AI systems that respect revocations purge the content from their working memory.
  • Tamper detection — if a content aggregator re-publishes your Capsule with modified fields (changed license, falsified author), the signature breaks. Downstream consumers can detect this.
  • Authority signals — for AI systems deciding which source to cite, a signed Capsule is stronger evidence than an unsigned one. Marginal benefit today; bigger benefit as the standard adoption grows.
  • Cross-publisher chains of trust — research papers can reference signed Capsules. Aggregators can verify the chain. Quote/citation lineage becomes provable.

What it doesn’t do

To be honest about the limits:

  • It doesn’t prove the human-vs-AI authorship — only that the publishing domain attested to whatever the content says.
  • It doesn’t prevent a bad-faith domain from signing misinformation. The signature is about identity, not accuracy.
  • It doesn’t make currently-deployed AI models smarter overnight. Adoption of signature-aware retrieval is still nascent.

How to set it up

Automatic. Every AIOX customer gets a domain keypair on first connection. Every Capsule the dashboard generates is signed. You don’t have to manage keys, rotate them, or remember anything. If you want to verify yourself: download a Capsule, run it through any Ed25519 verifier with the public key from /aiox-pubkey/, watch it pass.