Verifiable provenance
Provenance you can verify — not a PDF you have to trust
The media world is moving from “trust this document” to “verify this cryptographically” — that's the idea behind C2PA Content Credentials. Selekt brings the same principle to sample clearance: every sample's sourcing and screening record is signed with Ed25519 and hash-chained, and anyone can verify it in their browser with no account. Here's how it works, and honestly how it compares to C2PA.
How it works
Ed25519 digital signatures
Every audit record — what the sample is, where it came from, the license, the fingerprint-screening result — is signed with an Ed25519 private key. You verify each signature against our published public key. A valid signature proves the record came from Selekt and hasn't been altered.
A SHA-256 hash chain
Each record stores the SHA-256 hash of the record before it, linking them into an append-only chain. You can't edit, delete, or reorder a record without breaking every hash after it — so the history is tamper-evident, like a tiny purpose-built ledger for one sample's provenance.
Independent, in-browser verification
The signed records, the public key, and a copy-paste verification snippet are all public. Re-check everything with Web Crypto in your browser, or offline in a few lines of code. No Selekt account, no API key, no trust required — the proof is in the math.
How this compares to C2PA
C2PA / Content Credentials is the emerging industry standard for content provenance — a signed manifest embedded in a media file describing its origin and edit history. Selekt's approach shares the same goal and cryptographic spirit, applied to the specific problem of sample clearance. Here's the honest breakdown:
| Selekt verifiable provenance | C2PA / Content Credentials | |
|---|---|---|
| Cryptographically signed | Yes — Ed25519 | Yes |
| Tamper-evident | Yes — SHA-256 hash chain | Yes — signed manifest |
| Independently verifiable | Yes — public key + in-browser check | Yes — public trust list |
| Where the proof lives | External signed audit record (a public URL) | Embedded manifest inside the media file |
| What it documents | Sample sourcing, license & fingerprint screening | Asset origin & edit history |
| Survives re-export / format change | Yes — the record is a separate URL | Can be stripped if the file is re-encoded |
In short: like C2PA, our records are cryptographically signed, tamper-evident, and independently verifiable. Unlike C2PA, we publish an external audit chain about a sample's sourcing and clearance rather than embedding credentials inside the file — which means the proof can't be stripped by re-encoding. Embedding true C2PA Content Credentials into exported audio is a natural future addition, not something we claim today.
Verify it yourself
Open any sample's certificate, or paste a scan ID into the public verifier, and re-run the signature and hash-chain check. Hand the URL to a label, publisher, sync supervisor, distributor, or client — they can confirm the provenance without ever contacting you.
Frequently asked questions
Does Selekt use C2PA / Content Credentials?
Not literally — and we won't claim a standard we don't implement. C2PA (the Content Authenticity Initiative's standard, also called Content Credentials) embeds a cryptographically signed manifest inside the media file describing its origin and edits. Selekt does something in the same spirit for sample clearance: instead of embedding credentials in the file, we publish an external, cryptographically signed and hash-chained audit record of where each sample came from and how it was screened, which anyone can verify. Same goal — tamper-evident, independently verifiable provenance — different mechanism. If you specifically need embedded C2PA manifests, that's on our radar as a future export option.
How is a Selekt provenance record actually secured?
Two layers. (1) Digital signatures: every audit record is signed with an Ed25519 private key; you verify it against our published public key. (2) A hash chain: each record stores the SHA-256 hash of the record before it, so the history is append-only and tamper-evident — you can’t alter or reorder a record without breaking the chain. Both are standard, well-understood cryptographic primitives, not a proprietary black box.
Can I verify it independently, without trusting Selekt?
Yes — that’s the whole point. The signed records, the public key, and a copy-paste verification snippet are all public and load with no account. You can re-check every signature in your browser (Web Crypto) or offline with a few lines of code. If our database disappeared tomorrow, a record you already downloaded would still verify against the public key.
Why does verifiable provenance matter for samples?
When you release commercially, the question is always “can you prove where this came from?” A static PDF is easy to fake; a cryptographically signed, hash-chained record handed to a label, publisher, sync supervisor, distributor, or client is independently checkable. It turns “trust me” into “verify it” — which is exactly what content-provenance standards like C2PA are pushing the whole media industry toward.
Is this the same as a copyright clearance or a legal guarantee?
No. Provenance proves the record hasn’t been tampered with and shows what we sourced and screened. It is strong evidence, not a legal clearance opinion or a guarantee of rights. Fingerprint screening is highly accurate but not infallible, and you remain responsible for confirming rights before commercial use.
Provenance, with receipts
Every Selekt sample carries a signed, verifiable record of where it came from and how it was screened. That's the difference between hoping a sample is clean and being able to prove what you checked.
