Security & trust model

What we guarantee, what we don't, and how.

Obsign's entire value is trust, so the security model is stated plainly. Most of it you can check yourself, right now, without taking our word for anything.

Determinism

The integer compute path is bit-identical across CPU, GPU and native code. We verify it against the SDK on a real GPU on every change; you verify it on your own machine on the live proof page.

Privacy by architecture

The website never uploads your content. Enhancement, forensic analysis, and verification all run in your browser; your images, files, and receipts are never sent anywhere. The only outbound traffic is cookieless page analytics and content-free interaction events — no content, no cookies, no third parties (see the privacy policy).

Re-runnable receipts

Every output carries a receipt: SHA-256 over the canonical claim, an Ed25519 signature, and the model fingerprint. Anyone can recompute the hash and re-run the operation to reproduce the result bit-for-bit.

Reversibility

Accountable edits are provably reversible: original = enhanced − diff, recovered bit-exact. The original is preserved and hashed; nothing is silently lost.

The receipt trust model

A signature proves who signed and that the bytes are unchanged. It does not, by itself, prove the signer is someone you should trust. Three independent things must hold:

Integrity
The receipt's hash is recomputed from its own contents and must match. Catches any tampering with the claim.
Signature (Ed25519)
Verified locally in Web Crypto. Proves the receipt was signed by the holder of a specific key.
Issuer trust
Is that key a known, trusted issuer? On a real deployment, the signer's certificate is on the C2PA trust list. The verifier states "unverified" when it is not, rather than implying trust it cannot establish.

Two regimes, never conflated

With provenance, certainty is possible. Without it, only calibrated evidence is honest. We never let one masquerade as the other — the forensic examiner makes the line explicit.

Regime A · with a receipt

  • Exactly what changed, where, and how — bit-for-bit.
  • The recorded operation re-runs and reproduces.
  • The original is recoverable, losslessly.

Regime B · no provenance

  • Calibrated evidence, never a verdict.
  • A skilled edit can leave no trace — that is a theorem, not a gap.
  • Absence of a finding does not establish authenticity.

The honest status

Obsign is a working platform in front of a pre-launch company. The trust pitch only holds if this part is visible.

Holds today

  • Determinism is real and independently verifiable (CPU=GPU=native, 0 ULP).
  • Receipts are genuine: SHA-256 + Ed25519, re-runnable, reversible.
  • Everything is client-side; no data leaves the browser.
  • Cross-browser + accessibility audited; gates run on every change.

Not yet

  • Demo receipts use development keys, so third-party C2PA viewers show them untrusted until a real CA certificate is on the trust list with KMS/HSM key custody.
  • No SOC 2 / formal audit yet; no production signing identity.
  • Forensic statistical detectors are calibrated, not yet against a large labeled corpus.
  • Safari has no Ed25519 in Web Crypto yet, so in-browser signing degrades gracefully there.

Found something? Tell us.

Responsible disclosure is welcome. Email the lab directly; we read everything.

Report a security issue