Skip to main content
Developer Portal

Build With Authorship Verification

The WritersProof protocol specification, reference implementation, and everything you need to build your own verifier or embed proof of authorship into your platform.

Looking for the hosted API? See writersproof.com/developers for API keys, SDKs, rate limits, and integration guides.

SDK

The cpop_engine Crate

A zero-dependency Rust library for generating, signing, and verifying WritersProof evidence packets. Compile to native or WebAssembly.

Installation

toml
# Cargo.toml
[dependencies]
cpop_engine = { git = "https://github.com/WritersLogic/writersproof-engine" }

Capabilities

  • Evidence generation with dual-layer keystroke capture
  • Ed25519 / ECDSA-P256 signature creation and verification
  • Checkpoint creation with Sliding Window Fingerprints (SWF)
  • CBOR/COSE encoding per draft-condrey-rats-pop
  • Deterministic serialization for reproducible hashes
  • WebAssembly compilation target (wasm32-unknown-unknown)

Quick Start

rust
use cpop_engine::{Session, Config, Evidence};

#[tokio::main]
async fn main() -> anyhow::Result<()> {
    // Initialize a session with default Ed25519 keys
    let config = Config::builder()
        .algorithm(cpop_engine::Algorithm::Ed25519)
        .build()?;
    let mut session = Session::new(config)?;

    // Record writing events as they happen
    session.record_keystroke('H', 0)?;
    session.record_keystroke('e', 42)?;
    session.record_keystroke('l', 85)?;
    session.record_keystroke('l', 127)?;
    session.record_keystroke('o', 170)?;

    // Create a signed checkpoint
    let checkpoint = session.checkpoint()?;
    println!("Checkpoint hash: {}", checkpoint.hash_hex());

    // Export the full evidence packet (CBOR-encoded)
    let evidence: Evidence = session.export()?;
    let cbor_bytes = evidence.to_cbor()?;

    // Verify the packet independently
    assert!(Evidence::verify(&cbor_bytes)?);
    println!("Evidence verified. {} bytes.", cbor_bytes.len());

    Ok(())
}
C2PA

Content Provenance Integration

WritersProof evidence packets embed as external assertions inside C2PA manifests, extending content provenance from media to text.

How It Works

  1. 1The WritersProof engine generates a signed evidence packet containing keystroke data, timing, checkpoints, and signatures.
  2. 2The packet is referenced as an external assertion in a C2PA manifest, linked via its content hash.
  3. 3The manifest is embedded as a JUMBF box in the document, or stored alongside it as a sidecar.
  4. 4Any C2PA-aware verifier can validate the manifest and follow the external reference to verify the WritersProof evidence.

Why This Matters

C2PA was built for images, video, and audio — media where provenance means knowing which camera or editor produced the file. Text has a different provenance problem: proving a human wrote it. WritersProof fills that gap. By embedding WritersProof evidence inside C2PA manifests, documents gain the same chain-of-custody guarantees that photos and videos already have.

Manifest Structure

json
{
  "claim_generator": "witnessd/1.0.2",
  "assertions": [
    {
      "label": "com.writerslogic.writersproof",
      "kind": "external",
      "url": "https://writerslogic.com/api/v1/evidence/abc123",
      "hash": {
        "algorithm": "sha256",
        "value": "7a3f8c...901d"
      },
      "description": "WritersProof evidence packet (draft-condrey-rats-pop)"
    }
  ],
  "signature": {
    "algorithm": "Ed25519",
    "certificate_chain": ["..."]
  }
}

JUMBF Embedding

For offline verification, the WritersProof packet can be embedded directly in the JUMBF superbox alongside the C2PA manifest. This makes the document fully self-contained — no network requests needed to verify authorship.

WritersProof Protocol Standard

The WritersProof Protocol

draft-condrey-rats-pop defines a Proof-of-Process attestation protocol within the IETF RATS architecture.

Wire Format

Evidence packets use CBOR (RFC 8949) for compact binary encoding and COSE (RFC 9052) for cryptographic signing. Deterministic encoding ensures reproducible hashes across implementations.

Content-Type: application/cbor
COSE tag: 18 (COSE_Sign1)

Evidence Packet Structure

  • 01Header — algorithm, key ID, content type
  • 02Claims — device ID, session ID, timestamp range
  • 03Events — keystroke records, clipboard, revision deltas
  • 04Checkpoints — SWF hashes with monotonic counters
  • 05Signature — COSE_Sign1 over deterministic CBOR

IANA Registrations

The protocol registers custom CBOR tags and CoAP content-format IDs with IANA for interoperability:

CBOR Tag TBD1 — WritersProof Evidence
CBOR Tag TBD2 — WritersProof Checkpoint
CoAP CF TBD3 — application/writersproof+cbor
View on WritersProof Protocol Datatracker

Patent Notice: The WritersProof protocol is patent-pending. The patent is available under FRAND terms for standard-essential use. Open-source implementations under AGPL-3.0 receive a royalty-free grant.

Licensing

Open Core, Clear Terms

The core engine is AGPL-3.0. Need to embed it in a proprietary product? We offer commercial licenses.

AGPL-3.0

Free & Open Source

  • Personal and academic use
  • Open-source projects (AGPL-compatible)
  • Self-hosted deployments
  • Full access to cpop_engine source
  • Community support via GitHub Issues
  • Patent royalty-free grant
$0forever
Enterprise

Commercial License

Proprietary Use

  • Embed in proprietary / closed-source products
  • No copyleft obligations
  • SLA-backed technical support
  • Priority bug fixes and security patches
  • Custom integration assistance
  • Volume and OEM licensing available