Cryptographic Photo and Video Verification for the Age of AI-Generated Content
Version 2.0 · February 2026
Witness is a free iOS camera application that provides cryptographic proof of photo and video authenticity. In an era where AI can generate photorealistic images and video indistinguishable from real footage, Witness addresses a fundamental trust problem: how do you prove content is real, unedited, and captured at a specific time and place?
The Problem: Digital photos and videos carry no inherent proof of authenticity. Anyone can claim footage is fake, edited, or AI-generated — and increasingly, they're right to be skeptical.
Our Solution: Witness implements a five-layer verification stack that creates independent, cryptographic proofs at the moment of capture:
Each layer addresses different trust requirements and failure modes. Together, they create verification that is mathematically provable, hardware-backed, industry-compatible, and permanently timestamped.
Beyond verification, Witness provides tools for collaborative documentation: organizations with shared verified feeds, a live map of verified content, direct social sharing with metadata intact, QR code verification, public profiles, and offline capture.
Witness is free, requires no account, and does not track users.
The proliferation of AI-generated content has fundamentally undermined trust in digital imagery. Modern generative models can create photorealistic images of events that never happened, people who don't exist, and documents that were never written. This creates three cascading problems:
1. Real content becomes dismissible. When AI can generate anything, authentic documentation of real events can be dismissed as fake. Footage of police misconduct, environmental violations, or human rights abuses faces automatic skepticism.
2. Verification burden falls on creators. The traditional assumption — that photos are real unless proven fake — has inverted. Now, photographers must prove their content is authentic, often without the tools to do so.
3. Existing solutions are inadequate. Current approaches suffer from critical limitations:
Witness is designed for anyone whose documentation must be trusted:
For these users, the stakes are high. A dismissible photo means a story that doesn't get published, evidence that doesn't hold up in court, or an injustice that goes unaddressed.
Witness's architecture is built on a principle of defense in depth: multiple independent verification systems, each addressing different trust models and failure scenarios. If any single layer is compromised, the others remain valid.
┌────────────────────────────────────────────────────┐
│ Photo/Video Captured │
└────────────────────────────────────────────────────┘
│
▼
┌────────────────────────────────────────────────────┐
│ Layer 1: SHA-256 Hash │
│ Cryptographic fingerprint │
│ Trust: Mathematical certainty │
└────────────────────────────────────────────────────┘
│
▼
┌────────────────────────────────────────────────────┐
│ Layer 2: Apple App Attest │
│ Hardware attestation via Apple │
│ Trust: Apple Secure Enclave + servers │
└────────────────────────────────────────────────────┘
│
▼
┌────────────────────────────────────────────────────┐
│ Layer 3: Secure Enclave Signature │
│ P256 ECDSA in tamper-proof hardware │
│ Trust: iPhone hardware security module │
└────────────────────────────────────────────────────┘
│
▼
┌────────────────────────────────────────────────────┐
│ Layer 4: C2PA Content Credentials │
│ Industry-standard provenance metadata │
│ Trust: Adobe/Microsoft/BBC coalition │
└────────────────────────────────────────────────────┘
│
▼
┌────────────────────────────────────────────────────┐
│ Layer 5: Bitcoin Timestamp │
│ OpenTimestamps on Bitcoin blockchain │
│ Trust: Decentralized, trustless consensus │
└────────────────────────────────────────────────────┘Each verification layer has different trust assumptions:
| Layer | Trust Assumption | Failure Mode |
|---|---|---|
| SHA-256 | Mathematical certainty | None (if algorithm is sound) |
| App Attest | Apple's infrastructure | Apple compromise or outage |
| Secure Enclave | iPhone hardware integrity | Device jailbreak or hardware attack |
| C2PA | Industry consortium governance | Standard deprecation or key compromise |
| Bitcoin | Blockchain consensus | 51% attack (economically infeasible) |
A single-layer system fails if that layer is compromised. Witness's multi-layer approach means an attacker would need to simultaneously compromise the SHA-256 algorithm, Apple's attestation infrastructure, the iPhone's Secure Enclave, the C2PA certificate chain, and the Bitcoin blockchain. This combination provides practical unforgability.
Implementation: Apple CryptoKit framework
At capture, Witness computes a SHA-256 hash of the raw image or video data. This creates a 256-bit fingerprint that is deterministic (same input always produces same hash), collision-resistant (finding two inputs with the same hash is computationally infeasible), and sensitive (changing a single pixel produces a completely different hash).
import CryptoKit
func computeHash(imageData: Data) -> String {
let digest = SHA256.hash(data: imageData)
return digest.compactMap { String(format: "%02x", $0) }.joined()
}The hash is stored alongside the content and displayed in the verification overlay. Recipients can recompute the hash to verify the content hasn't been modified.
What this proves: The content data hasn't changed since the hash was created.
What this doesn't prove: When the hash was created, or that the content is authentic.
Implementation: DeviceCheck framework with App Attest API
App Attest provides hardware-backed proof that the app is the genuine Witness application (not modified or repackaged), running on a genuine Apple device (not emulated or jailbroken), and that the attestation was generated at a specific time.
Process:
import DeviceCheck
func generateAttestation(challenge: Data) async throws -> Data {
let service = DCAppAttestService.shared
let keyId = try await service.generateKey()
return try await service.attestKey(keyId, clientDataHash: challenge)
}What this proves: The content came from the genuine Witness app running on a genuine Apple device.
What this doesn't prove: The content itself is authentic (could still be a photo of a screen).
Implementation: Security framework with kSecAttrTokenIDSecureEnclave
The Secure Enclave is a hardware security module built into Apple's chips. It stores cryptographic keys in isolated, tamper-resistant hardware, performs cryptographic operations without exposing keys to the main processor, and cannot be accessed even if iOS is compromised.
Witness creates a P256 ECDSA key pair in the Secure Enclave and uses it to sign metadata:
func createSecureEnclaveKey() throws -> SecKey {
let attributes: [String: Any] = [
kSecAttrKeyType as String: kSecAttrKeyTypeECSECPrimeRandom,
kSecAttrKeySizeInBits as String: 256,
kSecAttrTokenID as String: kSecAttrTokenIDSecureEnclave,
kSecPrivateKeyAttrs as String: [
kSecAttrIsPermanent as String: true,
kSecAttrApplicationTag as String: "com.witness.signing"
]
]
var error: Unmanaged<CFError>?
guard let key = SecKeyCreateRandomKey(
attributes as CFDictionary, &error
) else {
throw error!.takeRetainedValue()
}
return key
}What this proves: The metadata signature was created on a device with an intact Secure Enclave.
What this doesn't prove: The device wasn't compromised before the content was captured.
Implementation: C2PA Swift SDK
C2PA (Coalition for Content Provenance and Authenticity) is an industry standard developed by Adobe, Microsoft, BBC, Intel, and others. It embeds cryptographically signed metadata directly into image and video files.
Witness embeds C2PA Content Credentials that include capture device information, timestamp, GPS coordinates, software identification, and a cryptographic signature.
import C2PA
func embedCredentials(image: Data, metadata: CaptureMetadata) throws -> Data {
let manifest = C2PAManifest()
manifest.addAssertion(.captureInfo(
device: metadata.device,
timestamp: metadata.timestamp,
location: metadata.coordinates
))
return try manifest.embed(in: image, signingKey: witnessSigningKey)
}Interoperability: C2PA credentials can be verified by Adobe Photoshop and Lightroom, Microsoft products, news organization verification tools, any C2PA-compatible software, and the Witness web verification page at witnesshq.com/verify.
What this proves: The content carries industry-standard provenance metadata verifiable outside Witness's ecosystem.
What this doesn't prove: The metadata itself is accurate (that depends on the other layers).
Implementation: OpenTimestamps protocol over HTTP
OpenTimestamps anchors data hashes to the Bitcoin blockchain, creating permanent, decentralized proof that the data existed at a specific time.
Process:
Content Hash ──┐
├── Merkle Tree ── Merkle Root ── Bitcoin Transaction
Other Hashes ──┘Note: This is not cryptocurrency, tokens, or NFTs. We use Bitcoin's blockchain solely as a timestamp anchor. The content hash gets embedded in a transaction, creating permanent proof it existed at that moment. The content itself never touches the blockchain.
What this proves: The content hash existed at the time of the Bitcoin block (trustless, decentralized proof).
What this doesn't prove: What the hash represents (that depends on the other layers).
Create an org, invite members. Everyone contributes to a shared verified feed — organized, timestamped, geolocated, and provably real. No more hunting through camera rolls.
Interactive map of verified content. Filter by time, location, or organization. Scrub a timeline to see events unfold. Sharing is always opt-in — photos stay private by default.
Share to Twitter, Facebook, TikTok, or text without leaving the app. Verification badge and metadata travel with the content.
Every shared photo and video includes a QR code. Scan to see all five proof layers, timestamp, and location — no app needed.
Anyone can check authenticity at witnesshq.com/verify. A public verification path that doesn't require installing the app.
Build a portfolio of documentation work. Link socials, add a bio, choose which content to make public. Build credibility over time.
Works without cell service. Full local verification at capture; network-dependent layers sync when connectivity returns. Critical for protests and remote areas.
Auto-post every capture to Twitter. Stay in the moment — let Witness handle the posting. Designed for fast-moving situations.
| Threat | Mitigation |
|---|---|
| Content modification after capture | SHA-256 hash breaks if any pixel changes |
| Fake timestamps | Bitcoin timestamp provides trustless temporal proof |
| Spoofed GPS coordinates | App Attest proves genuine device; Secure Enclave signs metadata |
| Modified or fake app | App Attest proves genuine Witness installation |
| Emulator or jailbroken device | App Attest and Secure Enclave detect compromised environments |
| Proprietary lock-in | C2PA ensures verification works outside Witness ecosystem |
| Service shutdown | Bitcoin timestamps remain valid forever; C2PA is an open standard |
Witness cannot prove that a photo or video depicts reality. It proves the content hasn't been modified since capture, it was captured on a genuine device running Witness, and it was captured at a specific time and location.
It does not prove:
These limitations are inherent to any camera-based verification system. Witness provides the strongest possible guarantee that the digital file is authentic — what the camera saw is a separate question.
An attacker with hardware-level access to the iPhone could potentially extract Secure Enclave keys.
Mitigation: App Attest provides server-side verification through Apple's infrastructure. Even with device compromise, the attacker cannot forge Apple's attestation.
A malicious calendar server could refuse to timestamp or provide false proofs.
Mitigation: Witness submits to multiple independent calendar servers. Timestamps are also verifiable against the Bitcoin blockchain directly.
Theoretical advances in cryptanalysis could weaken SHA-256.
Mitigation: The multi-layer stack means other proofs remain valid. C2PA and OpenTimestamps can migrate to stronger algorithms if needed.
Witness requests location access with the "Allow While Using" permission level. This means location is only accessed when the app is open and in use. There is no background location tracking, no location history stored on servers, and users can revoke permission at any time.
Content is stored locally on the device. Witness does not upload photos or videos to Witness servers, require accounts or user registration, track user behavior or analytics, or store personal information.
The only data transmitted externally:
The content itself, GPS coordinates, and other metadata remain on-device unless the user chooses to share.
Witness implements the C2PA 1.4 specification, including manifest structure and signing, required assertions for capture devices, certificate chain validation, and embedding in JPEG, PNG, and video formats.
C2PA credentials created by Witness can be verified by Adobe Content Authenticity Initiative tools, Microsoft products with C2PA support, news organization verification workflows, any C2PA-compliant verification software, and the Witness web verification page (witnesshq.com/verify).
Witness implements the OpenTimestamps protocol as specified at opentimestamps.org: HTTP calendar server submission, Merkle tree proof verification, Bitcoin transaction validation, and pending-to-confirmed status tracking.
Witness is aligned with the Berkeley Protocol on Digital Open Source Investigations, which provides a framework for using digital information in international criminal and human rights investigations.
News organizations can embed the Witness Live Map in their coverage, allowing readers to explore verified footage from any event, browse the timeline, and see exactly where each piece of content was captured.
Android Version (2026) — Native Android implementation with equivalent verification stack using Android hardware security features.
Third-Party Security Audit (2026) — Independent security audit of cryptographic implementation and threat model.
Chain of Custody Documentation — Export format for legal proceedings including transfer events and custody metadata.
Location Fuzzing — Optional precision reduction for sensitive documentation where exact coordinates create risk.
Legal Export Format — Structured export (ZIP with image/video, JSON metadata, HTML verification report) optimized for court admissibility.
| Specification | Value |
|---|---|
| Platform | iOS 17+ |
| Framework | SwiftUI (pure native) |
| Hashing | SHA-256 via CryptoKit |
| Signing | P256 ECDSA via Secure Enclave |
| Attestation | Apple DeviceCheck App Attest |
| Provenance | C2PA 1.4 specification |
| Timestamping | OpenTimestamps (Bitcoin) |
| Camera | AVFoundation (photo and video) |
| Location | CoreLocation |
| External Dependencies | C2PA Swift SDK |
| Price | Free |
| Account Required | No |
Witness addresses the trust crisis in digital media through defense in depth: five independent verification layers, each with different trust models, working together to create mathematically provable, hardware-backed, industry-compatible, and permanently timestamped proof of authenticity.
For citizen journalists, activists, legal observers, community organizers, and anyone whose documentation must be trusted, Witness provides the strongest possible guarantee that their content is real, unedited, and captured exactly when and where they claim.
The combination of local-first privacy, open standards (C2PA), and decentralized timestamping (Bitcoin) ensures that verification remains valid and accessible even if Witness as a company ceases to exist. Your proof exists on a decentralized network. No single company, government, or server can alter or delete it.
For questions or technical inquiries, contact team@witnesshq.com
Witness was built by Nico Goldberg and Marshall Vyletel Jr.