The Birthmark Standard Foundation

Hardware-Backed Photo Authentication

A system that proves photos came from real cameras, not AI generators. By creating unforgeable digital signatures at the moment of capture and recording them on a permanent blockchain ledger, we're restoring trust in photography.

See How It Works View on GitHub

The Problem We're Solving

Deepfake Proliferation

AI-generated images are increasingly indistinguishable from real photographs, creating a crisis of trust in visual media.

Metadata Stripping

Existing solutions like C2PA rely on metadata that's easily removed through format conversion, cropping, or screenshotting.

Credibility Crisis

Professional photographers' legitimate work is dismissed as fake, undermining journalism, legal evidence, and democratic discourse.

Key Concepts

What is Hashing?

A hash converts data of any size into a fixed-length unique fingerprint. The same input always produces the same hash, but even the tiniest change creates a completely different one. Critically, you cannot convert a hash back into the original data.

Example: An image produces hash "a3f2b8...". Change one pixel, and you get an entirely different hash like "d91e4c...".

What is Key Encryption?

Encryption scrambles data using a secret key so only authorized parties can decrypt and read it.

Example: Your camera encrypts its identity—only the manufacturer with the decryption key can verify it's legitimate.

Why Blockchain?

Blockchain is a permanent, tamper-proof public ledger. Once data is recorded on a blockchain, it cannot be changed or deleted—even if companies go out of business or try to censor records.

Example: When your photo's hash is recorded on Ethereum's blockchain, that record is permanent and publicly verifiable by anyone, forever.

1. Creating the Image Hash

Camera-Side Authentication

At the moment of image capture, a secure chip in the camera creates an unforgeable digital signature before the image is even processed.

  • Raw image hashing: A hash is created from the raw image data before any processing like white balance or compression
  • Processed image hashing: A second hash is created from the processed image that you actually save
  • Timestamp and metadata: The camera records when the photo was taken and optionally a hash of the GPS coordinates
  • Parallel processing: Authentication happens in the background while your photo is being captured—no delays or extra steps

Result: A bundle containing both image hashes, timestamp, and optional location hash—ready to be sent to the aggregation server for validation and blockchain recording.

Diagram showing the complete flow from camera capture through hashing, aggregation, manufacturer validation, and blockchain recording

Click to view full size

2. Validating Camera Authenticity

Diagram showing privacy-preserving camera validation process using encrypted NUC maps and key table system between camera, aggregator, and manufacturer

Click to view full size - Note: "Calibration file" refers to the camera's unique sensor identifier

Privacy-Preserving Validation

The manufacturer confirms that images come from real cameras without being able to see what photographers are capturing or track individual cameras.

  • Encrypted camera identifiers: Each camera's unique sensor identifier is encrypted using randomly assigned keys, so only the manufacturer can verify it
  • Separation of concerns: Manufacturers receive the encrypted camera ID but never see image hashes, timestamps, or locations
  • Anonymity sets: About 12,000 cameras share each encryption key, preventing tracking of individual cameras
  • Binary response: Manufacturer returns only PASS (legitimate camera) or FAIL (unknown/forged)—nothing else

3. Verifying Images on Blockchain

Immutable Public Verification

Anyone can verify an image's authenticity by checking the blockchain record—no corporate gatekeepers or subscription services required.

  • Blockchain bundling (zkRollup): Groups of 1,000-5,000 images are bundled together before being recorded on the blockchain, reducing the cost to only $0.00003-0.00006 per image
  • Cryptographic proofs: Even though images are bundled, each one can be individually proven to be part of the validated batch without storing every hash separately
  • Ethereum permanence: Records are stored on Ethereum's blockchain, a system that is both censorship-resistant and designed to last 50+ years
  • Public verification API: Open protocol allows anyone to build verification tools without asking permission
Diagram showing user verification flow: hash image on local computer, query blockchain for matching hash, receive validation result with metadata

Click to view full size

Why Birthmark Standard?

🔓

Open Source

Fully transparent system—no corporate secrets or proprietary control.

🛡️

Privacy First

Anonymous camera identifiers prevent tracking while maintaining authentication integrity.

⛓️

Blockchain Permanence

Records survive even if companies go bankrupt or images are cropped and reposted.

💰

Sustainable Cost

Blockchain bundling achieves $0.00003-0.00006 per image—viable as a public service.

🤝

Complementary

Works alongside existing standards—provides backup when metadata gets stripped.

🌐

Federated

Anyone can run servers—no single point of control or censorship.