Blog

• Content Verification Flow
• Email Validation Process
• Proof of Concept: Verifiable Quotes on Blockchain
• RSS Feeds Available
• C2PA Browser Verification
• C2PA Extension Deployment
• C2PA Extension Implementation
• C2PA Verification Extension
• Security Model
• Using the C2PA Extension

Content Verification Flow

Content Verification Flow

Youseddit’s verification flow utilizes email source analysis, off-chain cryptographic proofs (IPFS with C2PA metadata), and on-chain evidence records to enable trustworthy content verification while maintaining GDPR compliance. While any email client can be used, encrypted and signed emails (S/MIME or PGP/GnuPG) are recommended for the highest level of provenance.

Verification Principles

The verification system is built on four core principles:

1. Cryptographic Integrity: Hash-based verification ensures content hasn’t been altered
2. Decentralized Storage: IPFS provides content-addressable, tamper-evident storage
3. Blockchain Immutability: On-chain records provide permanent timestamping and authorization control
4. Email Provenance: Verification based on email header analysis and user account information.

Email Processing Workflow

The email processing workflow involves these steps:

1. User Upload: The user copies the full source code of an email (initial message or reply) and pastes it into the YouSeddit web interface.
2. Header Parsing: The system parses key email headers (e.g., From, To, Date, Subject, Message-ID) to extract provenance metadata.
3. IPFS Storage: The complete, unmodified email source code is stored securely on IPFS, generating a unique Content Identifier (CID).
4. C2PA Manifest Generation: A C2PA manifest is created, embedding the extracted header metadata, the IPFS CID, and information linking the upload to the authenticated YouSeddit user account.
5. Blockchain Record: An evidence record is created on the blockchain, containing cryptographic hashes (of the full email and specific quotes), the IPFS CID, and references to the user account and C2PA manifest, establishing an immutable link between the quote, its source, and the uploader.

(Note: While PGP/GnuPG or S/MIME signed/encrypted emails provide stronger cryptographic proof of origin and integrity, the system processes standard emails by relying on header information and user attestation.)

Publisher Verification Flow

When a publisher wants to verify a quote before publication:

sequenceDiagram
    autonumber
    Publisher->>Smart Contract: Query snippetHash
    Smart Contract->>Publisher: Return evidenceRecord (fullEmailHash, CID, status)
    Publisher->>IPFS: Retrieve encrypted file using CID
    IPFS->>Publisher: Return encrypted GPG file
    Publisher->>Publisher: Calculate hash of encrypted file
    Publisher->>Publisher: Verify hash matches fullEmailHash from contract
    Publisher->>Publisher: If approved source, decrypt file with proper key
    Publisher->>Publisher: Locate snippet in decrypted content
    Publisher->>Publisher: Calculate hash of snippet
    Publisher->>Publisher: Verify snippet hash matches snippetHash used for lookup
    Publisher->>Publisher: Check isPublished status is true
    Publisher->>License Contract: Request publication license
    License Contract->>Publisher: Issue license if conditions met

Reader Verification Flow

When an end-user wants to verify a published quote:

sequenceDiagram
    autonumber
    Reader->>Browser Extension: Encounters quote with C2PA marker
    Browser Extension->>C2PA Manifest: Extract snippetHash and blockchain address
    Browser Extension->>Smart Contract: Query snippetHash
    Smart Contract->>Browser Extension: Return source metadata and verification status
    Browser Extension->>Browser Extension: Verify publisher domain is authorized
    Browser Extension->>Reader: Display verification status and source information

Verification Components

1. Email Source Analysis & Provenance

The system establishes email provenance by:

• Parsing Email Headers: Extracting standard metadata like From, To, Date, Subject, Message-ID from the raw email source.
• User Attestation: Linking the uploaded email source to the authenticated YouSeddit user who submitted it.
• C2PA Metadata: Embedding the extracted header information and user details within the C2PA manifest associated with the stored email source on IPFS.
• (Recommended) Cryptographic Signatures: Leveraging S/MIME or PGP/GnuPG signatures when present in the email source for stronger sender verification.

2. Hash Verification

The system uses SHA-256 hashing at multiple levels:

• Full Email Hash: Verifies the integrity of the complete encrypted source file
• Snippet Hash: Provides unique identifier for specific quotable content
• Transaction Hash: Links on-chain evidence to specific blockchain transactions

3. IPFS Content Addressing

IPFS CIDs (Content Identifiers) provide:

• Content-addressable storage where the address is derived from the content itself
• Built-in integrity checking via cryptographic hashing
• Distributed retrieval from multiple nodes for availability

4. Smart Contract Verification

The EvidenceRecord smart contract provides:

• Immutable timestamped records of snippet-to-source relationships
• Authorization status controls managed by content owners
• Public verification endpoints for third-party systems

5. C2PA Manifest Integration

C2PA manifests include:

• Blockchain transaction references
• Snippet hash references
• Signature verification status
• Original source metadata
• Publication authorization indicators

Technical Implementation

Email Processing Pseudocode

// Process submitted email source code
async function processEmailSource(emailSourceCode, yousedditUserId) {
  // 1. Parse Headers
  const headers = parseEmailHeaders(emailSourceCode);
  // Example: headers = { from: '...', to: '...', date: '...', messageId: '...' }

  // 2. Store full source in IPFS
  const ipfsCid = await ipfs.add(emailSourceCode);
  const fullEmailHash = sha256(emailSourceCode);

  // 3. Generate C2PA Manifest
  const c2paManifest = createC2PAManifest({
    emailHeaders: headers,
    ipfsCid: ipfsCid,
    uploaderUserId: yousedditUserId,
    timestamp: new Date()
    // Include signature verification status if applicable
  });
  const c2paManifestCid = await ipfs.add(JSON.stringify(c2paManifest));

  // 4. Record Evidence on Blockchain
  // (Assuming snippetHash is generated when user selects quote later)
  const txId = await evidenceContract.methods
    .recordInitialEvidence(
      fullEmailHash,
      ipfsCid,
      c2paManifestCid,
      yousedditUserId // Link to the uploader
    )
    .send({ from: systemAccount });

  return {
    ipfsCid,
    c2paManifestCid,
    fullEmailHash,
    txId,
    processed: true
  };
}

// Function to associate a selected quote snippet later
async function recordQuoteSnippet(fullEmailHash, snippetText, yousedditUserId) {
  const snippetHash = sha256(snippetText);

  // Find the initial evidence record
  const initialRecord = await evidenceContract.methods.findEvidenceByFullHash(fullEmailHash).call();

  if (!initialRecord || initialRecord.owner !== yousedditUserId) {
    throw new Error("Unauthorized or evidence not found");
  }

  // Add the snippet hash to the record
  const txId = await evidenceContract.methods
    .addSnippetHash(fullEmailHash, snippetHash)
    .send({ from: yousedditUserId }); // User confirms quote selection

  return { snippetHash, txId, added: true };
}

Evidence Record Verification

// Verify a snippet against blockchain evidence
async function verifySnippet(snippetText, publisherDomain) {
  // Calculate hash of the snippet
  const snippetHash = sha256(snippetText);
  
  // Query the smart contract
  const evidenceRecord = await evidenceContract.methods
    .getEvidence(snippetHash)
    .call();
    
  // Verify publication status
  if (!evidenceRecord.isPublished) {
    return { verified: false, reason: 'not_published' };
  }
  
  // Retrieve encrypted file from IPFS
  const encryptedFile = await ipfs.cat(evidenceRecord.storagePointer);
  
  // Calculate hash of encrypted file
  const calculatedFullHash = sha256(encryptedFile);
  
  // Verify full file hash matches
  if (calculatedFullHash !== evidenceRecord.fullEmailHash) {
    return { verified: false, reason: 'file_hash_mismatch' };
  }
  
  // Verify publisher domain authorization
  const isDomainAuthorized = await licenseContract.methods
    .isAuthorizedPublisher(publisherDomain, snippetHash)
    .call();
    
  if (!isDomainAuthorized) {
    return { verified: false, reason: 'unauthorized_publisher' };
  }
  
  // Return successful verification with source info
  return {
    verified: true,
    source: {
      recordedAt: new Date(evidenceRecord.timestamp * 1000),
      owner: evidenceRecord.owner,
      verified: true
    }
  };
}

C2PA Integration

The C2PA manifest includes Youseddit-specific assertions that link to the blockchain evidence:

{
  "assertions": [
    {
      "label": "youseddit.blockchain",
      "data": {
        "snippetHash": "0x7d931ff3a802d6c5b8c94e5421ccd1e392bde1c9ff7283173121a1c52348ec5e",
        "contractAddress": "0x742d35Cc6634C0532925a3b844Bc454e4438f44e",
        "network": "polygon",
        "transactionHash": "0x9c742cd10ff11d6c1a0165fc108b6753970aa74daff87d9bee90920d613bdd3a"
      }
    },
    {
      "label": "youseddit.verification",
      "data": {
        "verificationTimestamp": "2025-03-15T14:22:31Z",
        "isPublished": true,
        "verificationMethod": "hash_ipfs_blockchain",
        "emailProvenance": {
          "method": "header_analysis_user_attestation",
          "uploaderUserId": "user_123abc", // Example YouSeddit User ID
          "headerFields": ["From", "To", "Date", "Subject", "Message-ID"], // Fields used
          "signatureVerified": false // Example: Set to true if PGP/S-MIME signature was present and verified
        }
      }
    }
  ]
}

Benefits of This Approach

• GDPR Compliance: Sensitive personal data remains encrypted off-chain
• Cryptographic Proof: Hashing, IPFS, C2PA, and blockchain provide tamper-evident verification (enhanced by optional email signatures).
• User Attestation: Links the uploaded source to the authenticated user account.
• Owner Control: Source individuals maintain publication control
• Publisher Verification: Media outlets can verify authenticity before publishing
• Reader Confidence: End-users can verify content authenticity through browser extensions
• Searchable Quotes: Decryption on platform enables search and discovery while maintaining privacy

Email Validation Process

Email Validation Process

Youseddit’s email processing system provides a secure, privacy-first approach to establishing the provenance of email exchanges for use in verified quotes. This document explains the workflow for users submitting email source code.

Overview

The process is designed to:

1. Verify that email content is properly encrypted and signed
2. Confirm ownership of email addresses by all parties
3. Create a verifiable attestation chain on the blockchain
4. Maintain encryption of sensitive content
5. Enable secure publication with consent of all parties

Email Processing & Provenance Score

Youseddit processes the raw source code of any email submitted via the web interface. While standard emails can be processed, the provenance and trustworthiness of the resulting quotes are significantly enhanced when the original emails utilize encryption and digital signatures (PGP/GnuPG or S/MIME).

Provenance Factors:

To quantify the trustworthiness of the email source, YouSeddit calculates a Provenance Score based on the following factors, primarily derived from analyzing the email source code:

1. Initiator Email Encryption: Was the initial email in the thread encrypted using a recognized standard (PGP/GnuPG or S/MIME)?
2. Initiator Email Signature: Was the initial email digitally signed using a verifiable key (PGP/GnuPG or S/MIME)?
3. Responder Email Encryption: Was the response email encrypted using a recognized standard?
4. Responder Email Signature: Was the response email digitally signed using a verifiable key?
5. Header Integrity: Are standard email headers (From, To, Date, Message-ID) present and well-formed?

C2PA Metadata Attestation:

The calculated Provenance Score and the contributing factors are recorded within the C2PA manifest associated with the email source stored on IPFS. This provides a transparent record of the source’s technical verification level.

Furthermore, the C2PA metadata for each quote snippet includes:

• A reference to the C2PA manifest of the full email source.
• An indicator specifying whether the snippet is from the initiating email or a response.
• If it’s a response, a reference linking it back to the initiating email’s evidence record.

Privacy Considerations

The system is designed with privacy as a core principle:

• Zero Knowledge: YouSeddit never has access to decryption keys
• Local Decryption: Initial decryption happens only on the journalist’s local machine
• Consent-Based: All parties must provide explicit consent for attestation
• Granular Control: Journalists control which quotes become searchable
• GDPR Compliant: Personal data remains encrypted until explicitly published

Integration with C2PA

When quotes are published, they include C2PA manifests with:

{
  "assertions": [
    {
      "label": "youseddit.emailVerification",
      "data": {
        "threadHash": "0x8f41b8f5c4c5d3ae51e5434e7a654b0b2e0f12c6ea3d5348b4e2a4a4d2c2a2e",
        "senderVerified": true,
        "receiverVerified": true,
        "verificationType": "email_source_provenance",
        "verificationDate": "2025-04-02T15:23:19Z",
        "verificationStatus": "complete"
      }
    }
  ]
}

Benefits for Journalists

• Source Protection: Sources’ identities remain protected through encryption
• Verifiable Quotes: Provide irrefutable evidence of authentic quotes
• Fast Verification: Streamlined process takes minutes to complete
• Monetization: Option to sell verified quotes through the platform
• Access Control: Full control over who can access full content

Benefits for Sources

• Privacy Protection: Original email content is securely stored and not publicly accessible until publication is authorized.
• Provenance Transparency: The calculated Provenance Score, stored in the C2PA metadata, clearly shows how the technical properties (headers, optional encryption/signing) of the original email contribute to its trustworthiness.
• Publication Control: Sources maintain control over whether quotes derived from their emails are made public.
• Monetization: Potential revenue sharing from quote licensing.

Common Questions

What if the source doesn’t respond to the validation request?

The journalist can still create a partial attestation showing they control the sender email. This creates a “one-sided” verification that’s noted in the blockchain record.

Can the email content be altered after validation?

No, any change to the content would change the cryptographic hash, invalidating the blockchain attestation. The system provides immutable proof of the original content.

What email clients are supported?

Youseddit processes the raw source code from any email client.

For the highest Provenance Score, using clients that support S/MIME or PGP/GnuPG encryption and digital signatures is recommended. Examples include:

• Thunderbird (with relevant add-ons)
• Apple Mail (with relevant plugins)
• Outlook (with relevant plugins)
• ProtonMail (built-in PGP)
• Other clients supporting S/MIME or PGP/GnuPG standards

How is search privacy maintained?

When emails are indexed for search, access controls ensure that only search results from authorized content are displayed to users. Full content access still requires proper authorization through the smart contract.

Proof of Concept: Verifiable Quotes on Blockchain

This post demonstrates how quotes can be linked to immutable proofs on a blockchain and verified against source documents stored on IPFS. This approach ensures the authenticity and verifiability of quoted text by leveraging decentralized technologies.

How It Works

1. Source documents (emails, articles, etc.) are stored on IPFS, a decentralized storage network
2. Hash of the document and quote metadata is recorded on the Polygon blockchain
3. Anyone can verify the authenticity by checking both the IPFS source and blockchain proof

Example Quotes

Here is the first example quote from an email:

"This is the first source document containing quote A. The quote is directly extracted from the original document without any modifications to ensure authenticity."

[Proof] [Source]

And here is another quote from a different source:

"Quote B originates from this document. This demonstrates how multiple sources can all be verified using the same system, creating a network of trust for all quoted materials."

[Proof] [Source]

Finally, a third example from a media interview:

"Our verified quoting system ensures that all statements are traceable back to their origins, maintaining integrity in an era where misinformation is rampant."

[Proof] [Source]

Verification Process

Clicking ‘[Proof]’ takes you to the Polygon blockchain transaction that contains the hash of the document and quote metadata. This proves when the quote was recorded and that it hasn’t been altered since.

Clicking ‘[Source]’ opens the original source document from IPFS via a public gateway. This allows anyone to verify that the quote appears in the original context.

Benefits

• Transparency: All quotes are linked to their original sources
• Immutability: Once recorded, quotes cannot be altered
• Verifiability: Anyone can independently verify authenticity
• Decentralization: No central authority controls the verification system

This proof-of-concept demonstrates the foundation for a trustworthy quoting system that can be implemented as a browser extension or integrated into publishing platforms.

RSS Feeds Available

RSS Feeds

For your convenience, we offer RSS feeds to keep you updated on the latest documentation changes and additions.

Available Feeds

• Blog Feed: /blog/index.xml

  This feed provides updates whenever new posts are added to the blog.

How to Use

1. Copy the feed URL
2. Paste it into your favorite RSS reader
3. Subscribe to receive updates automatically

Most modern browsers also support RSS feed detection and will show a notification when a feed is available on a page.

Benefits of Using RSS

• Stay informed about new features and documentation
• Receive updates automatically without checking the site manually
• Never miss important changes or additions

C2PA Browser Verification

C2PA Browser Verification

Youseddit extends C2PA content authentication standards to text quotes by providing a Chrome browser extension that verifies both C2PA metadata and blockchain-backed smart contract authorization.

C2PA and Blockchain Integration

The Content Authenticity Initiative (CAI) and the Coalition for Content Provenance and Authenticity (C2PA) have established standards for tracking the origin and edit history of digital content. YouSeddit extends these standards to text quotes from interviews and other sources.

Key Verification Components

1. Standard C2PA Verification

   • Detects C2PA manifests in images and videos
   • Validates digital signatures and content integrity
   • Shows standard C2PA provenance information

2. Text Quote C2PA Extension

   • Identifies text with C2PA metadata references
   • Extracts YouSeddit blockchain identifiers
   • Validates text matches against authenticated blockchain records

3. Smart Contract Validation

   • Verifies the domain has a valid license to use the content
   • Validates payment status and license terms
   • Ensures proper attribution requirements are met

Verification Workflow

The C2PA verification process integrates with Youseddit’s blockchain in the following way:

1. Content Creation

   • Source provides interview or statement
   • Content is authenticated through PGP/GPG
   • C2PA manifest is generated with YouSeddit blockchain references
   • Content is stored securely on the blockchain

2. Content Publication

   • Publisher acquires rights through smart contracts
   • Content is published with embedded C2PA metadata
   • C2PA manifest includes blockchain references

3. User Verification

   • Browser extension detects C2PA-enabled content
   • Extension validates C2PA manifests
   • For text quotes, extension:
     • Verifies text against blockchain records
     • Validates domain’s smart contract authorization
     • Displays verification status to the user

Technical Implementation

The verification system uses several innovative approaches:

C2PA Manifest Extensions

Youseddit extends standard C2PA manifests with blockchain-specific assertions:

{
  "assertions": [
    {
      "label": "youseddit.blockchain",
      "data": {
        "blockchainId": "0x7d931ff3a802d6c5...",
        "ledgerType": "ethereum",
        "contentType": "quote",
        "timestampVerified": "2025-03-15T14:22:31Z"
      }
    }
  ]
}

Text Quote Validation

For text quotes, the system:

1. Extracts the exact text content
2. Compares it against the blockchain-stored authentic version
3. Applies fuzzy matching to account for minor formatting differences
4. Verifies that the quote maintains the original meaning and context

Smart Contract Integration

The verification system checks:

1. If the domain has purchased rights to use the quote
2. If the contract is current and not expired
3. Whether usage complies with license terms (exclusive/non-exclusive)
4. If required attribution is properly included

Benefits of C2PA-Based Verification

This approach offers several advantages:

• Built on Open Standards: Leverages established C2PA standards and tooling
• Media Continuity: Applies consistent verification across text, images, and videos
• Decentralized Trust: Combines cryptographic verification with blockchain immutability
• Cross-Platform Compatibility: Works with all major C2PA implementations
• Future-Proof Design: Extensible to new content types and verification methods

C2PA Extension Deployment

C2PA Extension Deployment Guide

This guide covers the process of packaging and distributing the YouSeddit C2PA Browser Extension to various browser extension stores.

Building for Production

Before deploying, create a production build of the extension:

# Set the environment to production
export NODE_ENV=production

# Build the extension
pnpm build

# Create distribution packages
pnpm package

This will create distribution packages in the dist-packages directory:

• youseddit-c2pa-chrome.zip - Chrome Web Store package
• youseddit-c2pa-edge.zip - Microsoft Edge Add-ons package
• youseddit-c2pa-firefox.xpi - Firefox Add-ons package

Chrome Web Store Deployment

Preparation

1. Create a Google Developer account
2. Pay the one-time registration fee ($5 USD as of 2025)
3. Prepare promotional materials:
   • Extension icon (128x128 PNG)
   • Store promotional images (1280x800 PNG or JPG)
   • Screenshots of the extension in action (1280x800)
   • Detailed description (up to 16,000 characters)
   • Privacy policy URL

Submission Process

1. Go to the Chrome Web Store Developer Dashboard
2. Click “Add new item”
3. Upload the youseddit-c2pa-chrome.zip file
4. Fill in all required metadata:
   • Extension name: “Youseddit C2PA Verifier”
   • Description
   • Category: “Productivity”
   • Language
   • Screenshots and promotional images
5. Set up pricing and distribution:
   • Extension is free to use
   • Available in all regions where the Chrome Web Store is available
6. Set permissions justifications:
   • Explain why each permission is needed
7. Submit for review

The review process typically takes 1-3 business days. You may receive feedback requiring changes before approval.

Microsoft Edge Add-ons Store

Preparation

1. Create a Microsoft Partner Center account
2. Complete the publisher verification process
3. Prepare similar promotional materials as for Chrome:
   • Product images
   • Store listings
   • Privacy policy

Submission Process

1. Go to the Microsoft Edge Add-ons Developer Dashboard
2. Click “Create new extension”
3. Upload the youseddit-c2pa-edge.zip file
4. Fill in all required metadata:
   • Extension name
   • Description
   • Category: “Productivity”
   • Language
   • Screenshots and promotional images
5. Set availability and pricing:
   • Extension is free to use
   • Available in all supported markets
6. Provide notes to reviewers explaining the extension’s functionality
7. Submit for review

The review process typically takes 3-5 business days.

Firefox Browser Add-ons

Preparation

1. Create a Mozilla Add-on Developer account
2. Prepare promotional materials:
   • Extension icon
   • Screenshots
   • Detailed description
   • Privacy policy

Submission Process

1. Go to the Firefox Add-on Developer Hub
2. Click “Submit a New Add-on”
3. Choose “Upload Your Add-on” and select the youseddit-c2pa-firefox.xpi file
4. Fill in all required metadata:
   • Extension name
   • Summary and description
   • Category: “Privacy & Security”
   • Language
   • Screenshots
5. Set up distribution options:
   • Mark as compatible with Firefox for Desktop
   • Set availability to public
6. Submit for review

Firefox has a rigorous review process that typically takes 7-14 days. Reviewers will manually test your extension and may ask for clarifications or changes.

Post-Deployment Monitoring

After deployment, monitor the extension’s performance and user feedback:

1. Set up monitoring for:

   • Installation count and active users
   • User ratings and reviews
   • Error reports
   • Performance metrics

2. Establish response protocols for:

   • User support requests
   • Bug reports
   • Feature requests
   • Security concerns

3. Create a regular update schedule:

   • Bug fixes: As needed
   • Minor improvements: Monthly
   • Major features: Quarterly

Update Process

When releasing updates:

1. Increment the version number in manifest.json
2. Update the changelog
3. Build new distribution packages
4. Submit to each store for review
5. Communicate changes to users through:
   • Store listing updates
   • In-extension notifications
   • Documentation updates

Security Considerations

Code Signing

For Firefox distribution, the XPI package must be signed by Mozilla:

# Sign the XPI package using web-ext
npx web-ext sign --api-key=$AMO_JWT_ISSUER --api-secret=$AMO_JWT_SECRET

Manual Distribution

For enterprise deployment or users who prefer manual installation:

1. Host the extension packages on a secure server
2. Provide detailed installation instructions for each browser
3. Include verification hashes (SHA-256) for security

Extension ID Consistency

Maintain consistent extension IDs across all channels to ensure proper identity and updates:

// manifest.json
{
  "browser_specific_settings": {
    "gecko": {
      "id": "c2pa-verifier@youseddit.com"
    }
  }
}

Compliance Considerations

Ensure the extension complies with:

1. GDPR and Privacy Laws:

   • Minimal data collection
   • Clear privacy policy
   • User consent for any data collection

2. Content Security Policy:

   • Secure content loading
   • Protection against XSS
   • Safe resource usage

3. Accessibility Standards:

   • Keyboard navigation
   • Screen reader compatibility
   • High-contrast visual indicators

4. Store-Specific Policies:

   • Adhere to each store’s developer agreement
   • Follow marketing guidelines
   • Maintain responsive developer support

C2PA Extension Implementation

YouSeddit C2PA Extension Implementation

The YouSeddit C2PA Verification Extension is built upon the open-source c2pa-extension-validator project, extending its capabilities to support text quote validation with blockchain integration.

Building on Existing C2PA Validation

The base c2pa-extension-validator provides:

• Browser extension for validating C2PA digital assets (images, videos, audio)
• Support for Edge, Chrome, and Firefox browsers
• Automatic detection of C2PA-enabled media on webpages
• Visual indicators of validation status

Our implementation maintains these core capabilities while adding:

1. Text quote validation through C2PA assertions
2. Blockchain verification integration
3. Smart contract validation for domains

Technical Implementation

Extension Structure

youseddit-c2pa-extension/
├── src/
│   ├── background/
│   │   └── background.ts         # Background service worker
│   ├── content/
│   │   ├── content.ts            # Content script for webpage integration
│   │   ├── c2pa-detector.ts      # Identifies C2PA content
│   │   ├── text-detector.ts      # New: Detects text quotes with C2PA refs
│   │   └── ui/                   # UI components
│   ├── blockchain/
│   │   ├── ledger-api.ts         # New: Blockchain interaction
│   │   └── contract-validator.ts # New: Smart contract validation
│   ├── c2pa/
│   │   ├── validator.ts          # C2PA validation logic
│   │   └── manifest-parser.ts    # Extended for YouSeddit assertions
│   ├── popup/
│   │   └── popup.tsx             # Extension popup UI
│   └── utils/
│       └── crypto.ts             # Cryptographic utilities
├── public/
│   ├── manifest.json             # Extension manifest
│   └── icons/                    # Extension icons
└── tests/
    ├── unit/                     # Unit tests
    └── e2e/                      # End-to-end tests

Extending C2PA Manifest Parsing

Our extension extends the standard C2PA manifest parsing to recognize Youseddit-specific assertions:

// Extends the existing C2PA validator with YouSeddit functionality
export class YousedditManifestValidator extends C2PAValidator {
  /**
   * Check for YouSeddit blockchain assertions in the manifest
   */
  public async checkBlockchainAssertion(manifest: C2PAManifest): Promise<BlockchainVerificationResult> {
    const yousedditAssertion = manifest.assertions.find(
      assertion => assertion.label === 'youseddit.blockchain'
    );
    
    if (!yousedditAssertion) {
      return { hasBlockchainRef: false };
    }
    
    const blockchainId = yousedditAssertion.data.blockchainId;
    return this.verifyWithBlockchain(blockchainId);
  }
  
  /**
   * Verify content against blockchain entry
   */
  private async verifyWithBlockchain(blockchainId: string): Promise<BlockchainVerificationResult> {
    const blockchainApi = new YousedditLedgerAPI();
    return blockchainApi.verifyContent(blockchainId);
  }
}

Text Quote Detection

A new component detects and validates text quotes with C2PA references:

export class TextQuoteDetector {
  /**
   * Scan for potential text quotes with C2PA references
   */
  public scanForQuotes(document: Document): QuoteElement[] {
    const potentialQuotes: QuoteElement[] = [];
    
    // Look for blockquote elements
    const blockquotes = document.querySelectorAll('blockquote');
    for (const blockquote of blockquotes) {
      this.processQuoteElement(blockquote, potentialQuotes);
    }
    
    // Look for quoted text in paragraphs
    const paragraphs = document.querySelectorAll('p');
    for (const paragraph of paragraphs) {
      if (this.containsQuotes(paragraph.textContent)) {
        this.processQuoteElement(paragraph, potentialQuotes);
      }
    }
    
    return potentialQuotes;
  }
  
  /**
   * Check element for C2PA references
   */
  private processQuoteElement(element: Element, results: QuoteElement[]): void {
    // Check for data attributes with blockchain references
    const blockchainId = element.getAttribute('data-youseddit-id');
    if (blockchainId) {
      results.push({ 
        element, 
        text: element.textContent?.trim() || '',
        blockchainId 
      });
      return;
    }
    
    // Check for nearby C2PA indicators
    const nearbyReference = this.findNearbyReference(element);
    if (nearbyReference) {
      results.push({ 
        element, 
        text: element.textContent?.trim() || '',
        blockchainId: nearbyReference.blockchainId
      });
    }
  }
  
  // Additional helper methods...
}

Blockchain Integration

A new blockchain API layer handles verification against the YouSeddit ledger:

export class YousedditLedgerAPI {
  private readonly API_ENDPOINT = 'https://api.youseddit.com/v1';
  
  /**
   * Verify content against blockchain record
   */
  public async verifyContent(blockchainId: string): Promise<BlockchainVerificationResult> {
    try {
      const response = await fetch(`${this.API_ENDPOINT}/verify/blockchain/${blockchainId}`);
      
      if (!response.ok) {
        return { 
          hasBlockchainRef: true, 
          verified: false, 
          error: 'Failed to fetch blockchain data'
        };
      }
      
      const data = await response.json();
      
      return {
        hasBlockchainRef: true,
        verified: true,
        sourceInfo: data.sourceInfo,
        timestamp: new Date(data.timestampVerified),
        contentHash: data.contentHash
      };
    } catch (error) {
      console.error('Blockchain verification error:', error);
      return { 
        hasBlockchainRef: true, 
        verified: false, 
        error: error instanceof Error ? error.message : 'Unknown error'
      };
    }
  }
  
  /**
   * Verify domain has valid contract for content
   */
  public async verifyDomainContract(domain: string, blockchainId: string): Promise<ContractVerificationResult> {
    try {
      const response = await fetch(
        `${this.API_ENDPOINT}/contracts/validate?domain=${encodeURIComponent(domain)}&contentId=${blockchainId}`
      );
      
      if (!response.ok) {
        return { valid: false, error: 'Failed to fetch contract data' };
      }
      
      const data = await response.json();
      
      return {
        valid: data.valid,
        licenseType: data.licenseType,
        expirationDate: new Date(data.expires),
        paymentStatus: data.paymentStatus
      };
    } catch (error) {
      console.error('Contract validation error:', error);
      return { 
        valid: false, 
        error: error instanceof Error ? error.message : 'Unknown error' 
      };
    }
  }
}

Text Validation

To validate text against blockchain records:

export class TextValidator {
  /**
   * Compare text against authenticated blockchain version
   */
  public validateText(quoteText: string, authenticText: string): TextMatchResult {
    // Remove extra whitespace and normalize
    const normalizedQuote = this.normalizeText(quoteText);
    const normalizedAuth = this.normalizeText(authenticText);
    
    if (normalizedQuote === normalizedAuth) {
      return { isMatch: true, matchPercentage: 100 };
    }
    
    // For partial matches, calculate similarity
    const similarity = this.calculateSimilarity(normalizedQuote, normalizedAuth);
    
    return {
      isMatch: similarity >= 0.9, // 90% similarity threshold
      matchPercentage: Math.round(similarity * 100),
      differences: this.highlightDifferences(normalizedQuote, normalizedAuth)
    };
  }
  
  /**
   * Calculate similarity between two text strings
   */
  private calculateSimilarity(text1: string, text2: string): number {
    // Implement text similarity algorithm
    // This could use Levenshtein distance, Jaccard similarity, etc.
    // For simplicity, this is a placeholder
    return 0; // Placeholder value
  }
  
  /**
   * Normalize text for comparison
   */
  private normalizeText(text: string): string {
    return text
      .replace(/\s+/g, ' ')
      .replace(/[\u2018\u2019]/g, "'")
      .replace(/[\u201C\u201D]/g, '"')
      .trim();
  }
  
  /**
   * Generate a diff showing where texts differ
   */
  private highlightDifferences(text1: string, text2: string): string {
    // Implement diff generation logic
    // Placeholder for now
    return '';
  }
}

Content Script Integration

The content script brings everything together:

// Main content script
(async function() {
  const c2paDetector = new C2PADetector();
  const textDetector = new TextQuoteDetector();
  const validator = new YousedditManifestValidator();
  const ledgerApi = new YousedditLedgerAPI();
  
  // Process standard C2PA media
  const mediaElements = c2paDetector.detectC2PAMedia(document);
  for (const element of mediaElements) {
    try {
      const manifest = await validator.getManifest(element);
      if (!manifest) continue;
      
      // Standard C2PA validation
      const validationResult = await validator.validateManifest(manifest);
      
      // Check for YouSeddit blockchain assertions
      const blockchainResult = await validator.checkBlockchainAssertion(manifest);
      
      // Create and display validation UI
      displayMediaValidation(element, validationResult, blockchainResult);
    } catch (error) {
      console.error('Media validation error:', error);
    }
  }
  
  // Process text quotes
  const quoteElements = textDetector.scanForQuotes(document);
  for (const quote of quoteElements) {
    try {
      // Verify quote against blockchain
      const blockchainResult = await ledgerApi.verifyContent(quote.blockchainId);
      
      if (blockchainResult.verified && blockchainResult.authenticText) {
        // Validate quote text against authentic text
        const textValidator = new TextValidator();
        const textMatch = textValidator.validateText(
          quote.text, 
          blockchainResult.authenticText
        );
        
        // Verify domain contract
        const contractResult = await ledgerApi.verifyDomainContract(
          window.location.hostname,
          quote.blockchainId
        );
        
        // Display validation UI
        displayTextValidation(quote.element, textMatch, blockchainResult, contractResult);
      }
    } catch (error) {
      console.error('Text validation error:', error);
    }
  }
})();

Key Enhancements

The YouSeddit extension makes several key enhancements to the base c2pa-extension-validator:

1. Extended C2PA Format Support

Added support for Youseddit-specific C2PA assertions:

{
  "label": "youseddit.blockchain",
  "data": {
    "blockchainId": "0x7d931ff3a802d6c5...",
    "ledgerType": "ethereum",
    "contentType": "quote",
    "timestampVerified": "2025-03-15T14:22:31Z"
  }
}

2. Text Quote Detection

Enhanced content scanning to detect:

• Blockquote elements
• Text in quotation marks
• Elements with data attributes referencing YouSeddit blockchain IDs
• Adjacent attribution links with YouSeddit verification URLs

3. Smart Contract Validation

Added validation of domain authorization through:

• Checking the domain against YouSeddit contract registry
• Validating license terms and expiration
• Verifying payment status for quote usage

4. Enhanced User Interface

Improved the user interface with:

• Text-specific validation indicators
• Detailed verification panels showing blockchain status
• Smart contract information display
• Highlighting of differences between quoted and authentic text

Building and Testing

Prerequisites

• Node.js 18+
• pnpm package manager
• Chrome or Edge for development testing

Setup

1. Clone the repository:

   git clone https://github.com/Sanmarcsoft/youseddit-c2pa-extension.git
   cd youseddit-c2pa-extension
   

2. Install dependencies:

   pnpm install
   

3. Build the extension:

   pnpm build
   

4. Load the extension in Chrome:

   • Navigate to chrome://extensions/
   • Enable “Developer mode”
   • Click “Load unpacked” and select the dist directory

Testing

The extension includes comprehensive test cases:

# Run all tests
pnpm test

# Run specific test categories
pnpm test:c2pa         # C2PA validation tests
pnpm test:blockchain   # Blockchain integration tests
pnpm test:text         # Text validation tests
pnpm test:e2e          # End-to-end browser tests

Deployment

The extension will be packaged for distribution through:

1. Chrome Web Store
2. Microsoft Edge Add-ons Store
3. Firefox Browser Add-ons

Each platform requires specific packaging and review processes, detailed in our deployment guide.

Future Development

Planned enhancements include:

1. Offline Validation: Cache verification data for offline use
2. API Integration: JavaScript API for website integration
3. Browser Coverage: Support for additional browsers
4. Performance Optimization: Reduce validation latency
5. Expanded Text Detection: Improved algorithms for detecting quoted content

C2PA Verification Extension

YouSeddit C2PA Verification Extension

The YouSeddit Browser Extension builds upon open-source C2PA verification technology to not only verify C2PA metadata in media but also to validate text quotes against the YouSeddit blockchain ledger and verify smart contract authorization.

Overview

The Content Authenticity Initiative (CAI) and the Coalition for Content Provenance and Authenticity (C2PA) have established standards for tracking the origin and edit history of digital content. The YouSeddit extension extends this standard to include:

1. C2PA Metadata Verification: Standard validation of C2PA metadata in images and videos
2. Text Quote Verification: Validation that quoted text has matching C2PA metadata referencing YouSeddit blockchain entries
3. Smart Contract Validation: Verification that the hosting domain has proper authorization to display the C2PA-enabled content

See a mock newspaper example demonstrating how verified images and quotes might appear.

Technical Architecture

Built on Open Standards

This extension is modeled after open-source C2PA verification extensions, extending their capabilities with blockchain integration:

graph TD
    subgraph Browser Extension
        A[Detect C2PA Asset on Page] --> B{Extract C2PA Manifest};
        B --> C{Verify C2PA Compliance};
        C -- Compliant --> D{Has YouSeddit Data?};
        C -- Not Compliant --> Z[❌ Not C2PA Compliant];
        D -- Yes --> E{Extract Ledger ID & IPFS CID};
        D -- No --> AA[ℹ️ Standard C2PA];
        E --> F[API Call: youseddit.com/validate];
        F -- Ledger ID, IPFS CID --> G(Youseddit Platform API);
        G --> H{Validate Ledger Entry};
        H -- Valid --> I{Verify IPFS Asset Hash};
        H -- Invalid --> Y[❌ Ledger Invalid];
        I -- Match --> J{Check Publisher License};
        I -- Mismatch --> X[❌ Asset Mismatch];
        J -- Valid License --> W[✅ Fully Verified];
        J -- No/Invalid License --> V[⚠️ License Invalid];
    end

    subgraph External Systems
        G;
        K[Blockchain Ledger];
        L[IPFS];
        M[Publisher Domain];
    end

    G --> K;
    G --> L;
    G --> M;

Components

1. C2PA Validation Engine

   • Leverages the C2PA JavaScript SDK to detect and validate C2PA metadata
   • Parses manifests to extract content provenance information
   • Verifies digital signatures against trusted issuers

2. Text Quote Parser

   • Identifies potential quoted text on webpages
   • Searches for C2PA assertion claims in or near the text
   • Extracts identifiers linking to YouSeddit blockchain entries

3. Blockchain Verification Layer

   • Queries the YouSeddit blockchain ledger using extracted identifiers
   • Validates that quoted text matches the authenticated source in the ledger
   • Verifies cryptographic signatures and hashes

4. Smart Contract Validator

   • Checks domain authorization against YouSeddit smart contract registry
   • Validates licensing terms, expiration, and usage rights
   • Verifies payment status for content usage

Data Flow

The verification process follows these steps:

1. Extension detects C2PA-enabled content on a webpage

2. C2PA manifest is extracted and validated for integrity

3. For text quotes, extension:

   • Extracts YouSeddit blockchain identifiers from C2PA metadata
   • Queries the blockchain ledger to verify the source text
   • Compares the quoted text against the authenticated version
   • Checks domain authorization via smart contract

4. Results are displayed to the user with appropriate indicators

Implementation

Core Technologies

• C2PA JavaScript SDK: For parsing and validating C2PA manifests
• Web3.js: For blockchain interaction and smart contract validation
• Content Script: For DOM manipulation and UI integration

Manifest (v3)

{
  "manifest_version": 3,
  "name": "Youseddit C2PA Verifier",
  "version": "1.0",
  "description": "Verify C2PA metadata and text quotes against the YouSeddit blockchain",
  "permissions": [
    "storage",
    "activeTab"
  ],
  "host_permissions": [
    "https://*.youseddit.com/*"
  ],
  "background": {
    "service_worker": "background.js"
  },
  "content_scripts": [
    {
      "matches": ["http://*/*", "https://*/*"],
      "js": ["c2pa-sdk.js", "content.js"],
      "css": ["styles.css"]
    }
  ],
  "action": {
    "default_popup": "popup.html",
    "default_icon": {
      "16": "icons/icon16.png",
      "48": "icons/icon48.png",
      "128": "icons/icon128.png"
    }
  },
  "web_accessible_resources": [
    {
      "resources": ["icons/*", "verification-badge.svg"],
      "matches": ["<all_urls>"]
    }
  ]
}

Key Code Components

C2PA Manifest Processing

// Detect and process C2PA metadata in content
async function processC2PAManifest(element) {
  try {
    // Use C2PA SDK to extract manifest
    const manifest = await c2pa.read(element);
    
    if (!manifest) return null;
    
    // Check for YouSeddit assertion
    const yousedditAssertion = manifest.assertions.find(
      assertion => assertion.claim?.youseddit?.blockchainId
    );
    
    if (!yousedditAssertion) return manifest; // Standard C2PA, no YouSeddit data
    
    // Extract blockchain reference and email verification info
    const blockchainId = yousedditAssertion.claim.youseddit.blockchainId;
    const emailVerification = yousedditAssertion.claim.youseddit.emailVerification;
    
    // Validate that content was properly encrypted and verified
    if (!emailVerification || !emailVerification.encryptionVerified || !emailVerification.signatureVerified) {
      return {
        verified: false,
        reason: 'encryption_or_signature_invalid',
        manifest: manifest
      };
    }
    
    // Verify against blockchain
    return verifyWithBlockchain(manifest, blockchainId);
  } catch (error) {
    console.error('C2PA processing error:', error);
    return null;
  }
}

Text Quote Verification

// Verify text quotes against blockchain content
async function verifyTextQuote(quoteElement) {
  // Extract quote text
  const quoteText = quoteElement.textContent.trim();
  
  // Look for data attributes or nearby C2PA indicators
  const blockchainId = quoteElement.dataset.yousedditId || 
                        findNearbyBlockchainId(quoteElement);
  
  if (!blockchainId) return null;
  
  // Query blockchain for authenticated text
  const blockchainData = await queryBlockchain(blockchainId);
  
  if (!blockchainData) return { verified: false, reason: 'not_found' };
  
  // Compare text against blockchain record
  const textMatch = compareText(quoteText, blockchainData.authenticText);
  
  // Verify domain has authorization
  const contractStatus = await verifyDomainContract(
    window.location.hostname,
    blockchainId
  );
  
  return {
    verified: textMatch.isMatch,
    textMatchPercent: textMatch.matchPercentage,
    contractValid: contractStatus.isValid,
    contractExpires: contractStatus.expirationDate,
    sourceInfo: blockchainData.sourceInfo,
    c2paManifest: blockchainData.c2paManifest
  };
}

Smart Contract Validation

// Verify domain has valid contract for content
async function verifyDomainContract(domain, contentId) {
  try {
    // Connect to YouSeddit contract registry
    const contractRegistry = new web3.eth.Contract(
      REGISTRY_ABI,
      REGISTRY_ADDRESS
    );
    
    // Check if domain has valid contract for this content
    const contractData = await contractRegistry.methods
      .validateDomainContent(domain, contentId)
      .call();
    
    return {
      isValid: contractData.isValid,
      expirationDate: new Date(contractData.expirationTimestamp * 1000),
      licenseType: contractData.licenseType,
      paymentStatus: contractData.paymentStatus
    };
  } catch (error) {
    console.error('Contract validation error:', error);
    return { isValid: false };
  }
}

C2PA Metadata Structure

The YouSeddit extension recognizes standard C2PA manifests with additional Youseddit-specific assertions:

{
  "claim_generator": "Youseddit Content Authenticator v1.0",
  "assertions": [
    {
      "label": "c2pa.hash",
      "data": {
        "hash_algorithm": "sha256",
        "hash": "5ae0a0f542458d1379e0a603a5419e631dcdc1c45a1020a4d371400dd92bd9e3"
      }
    },
    {
      "label": "youseddit.blockchain",
      "data": {
        "blockchainId": "0x7d931ff3a802d6c5b8c94e5421ccd1e392bde1c9ff7283173121a1c52348ec5e",
        "ledgerType": "ethereum",
        "contentType": "quote",
        "timestampVerified": "2025-03-15T14:22:31Z"
      }
    },
    {
      "label": "youseddit.emailVerification",
      "data": {
        "encryptionVerified": true,
        "signatureVerified": true,
        "keyId": "0x8A7F1D77AC8267436F7673D69CFA6F91BFC33196",
        "encryptionTimestamp": "2025-03-10T09:10:23Z",
        "signatureTimestamp": "2025-03-10T09:15:00Z"
      }
    },
    {
      "label": "youseddit.source",
      "data": {
        "name": "Jane Doe",
        "organization": "Example Organization",
        "interviewDate": "2025-03-10T09:15:00Z",
        "interviewMethod": "email",
        "verificationMethod": "pgp",
        "walletAddress": "0x742d35Cc6634C0532925a3b844Bc454e4438f44e"
      }
    }
  ]
}

Integration with C2PA Ecosystem

The extension integrates with the broader C2PA ecosystem:

1. Compatible with CAI Workflows: Works with content created through Content Authenticity Initiative tools
2. Adobe C2PA Support: Compatible with Adobe-generated C2PA metadata
3. Truepic Integration: Works alongside Truepic verification for photos
4. Cross-Platform Support: Functions with all major C2PA implementations

Development Guide

Setup

1. Clone the repository:

   git clone https://github.com/Sanmarcsoft/youseddit-c2pa-extension.git
   cd youseddit-c2pa-extension
   

2. Install dependencies:

   npm install
   

3. Build the extension:

   npm run build
   

4. Load in Chrome:

   • Open chrome://extensions/
   • Enable “Developer mode”
   • Click “Load unpacked” and select the dist directory

Testing

The extension includes comprehensive testing for both C2PA validation and blockchain verification:

# Run C2PA validation tests
npm run test:c2pa

# Run blockchain verification tests
npm run test:blockchain

# Run end-to-end tests
npm run test:e2e

Creating YouSeddit C2PA Content

To create content with YouSeddit C2PA assertions:

1. Use standard C2PA creation tools (Adobe, CAI tools, etc.)
2. Add YouSeddit assertions through the YouSeddit Creator Portal
3. Generate blockchain entries for your content
4. Apply smart contracts for distribution

Extension API

The extension provides a JavaScript API for webpage integration:

// Check if extension is installed and get version
const extensionInfo = await window.yousedditC2PA.getInfo();

// Request verification for a specific element
const verificationResult = await window.yousedditC2PA.verify(element);

// Listen for verification events
window.addEventListener('youseddit-verification', event => {
  const { element, result } = event.detail;
  // Handle verification result
});

Future Enhancements

• Expanded Media Support: Add verification for audio quotes and transcribed video content
• Decentralized Verification: Enable verification against multiple blockchain nodes
• IPFS Integration: Support for content stored on IPFS with blockchain references
• In-page Verification Badge: Allow publishers to embed verification indicators directly
• Verification API: Provide verification as a service for third-party applications

Security Model

Security Model

Youseddit’s security model is designed to ensure content authenticity, privacy, and secure transactions throughout the platform.

Content Authentication

PGP/GPG Email Encryption and Verification

All email content processed through YouSeddit uses PGP/GPG encryption and signatures with multi-party attestation:

• Journalists must send encrypted emails to interviewees
• Interviewees must respond with both signed and encrypted emails
• System validates proper encryption and signature before processing
• Token-based validation confirms:
  • Source authenticity (who sent the email)
  • Content integrity (the content hasn’t been altered)
  • Timestamp verification (when the content was created)
  • Email address control (via encrypted token verification)
• The email validation process creates attestations from all parties
• Journalists can optionally make content searchable while maintaining access controls

Our detailed workflow diagram shows the complete validation process.

C2PA Content Provenance

The Coalition for Content Provenance and Authenticity (C2PA) framework is used to:

• Create verifiable attestations about content origin
• Track content editing and transformation
• Provide a tamper-evident chain of custody

Blockchain Security

Off-Chain Encrypted Storage with On-Chain Hashing

Youseddit uses a hybrid storage approach for GDPR compliance and security:

• Off-Chain Storage: Full email content is encrypted using GPG/PGP and stored on IPFS
• On-Chain Hashing: Only cryptographic hashes and metadata are stored on the blockchain
• IPFS Content Addressing: Encrypted files are accessed via their unique Content Identifier (CID)
• Content Privacy: Sensitive content remains encrypted off-chain
• Verification Path: Hash verification allows proving integrity without revealing content
• Access Control: Only authorized key holders can decrypt the off-chain content

Smart Contract Security

Smart contracts controlling access to content undergo:

• Formal verification to ensure contract logic is correct
• Security audits by independent third parties
• Standard compliance with established NFT and licensing patterns

Access Control

Wallet-Based Authentication

• Access to content requires cryptographic proof of ownership
• Smart contracts enforce licensing terms automatically
• No centralized authority can override access controls

Privacy-First Design

• Quote content and identity remain private until explicitly shared
• Consent is managed through attestation transactions
• Anonymous verification is possible through the public verification API

Audit Trail

All actions on the platform create an immutable audit trail:

• Content creation and verification
• License issuance and transfers
• Access events and usage

This audit trail provides accountability while maintaining privacy through selective disclosure mechanisms.

Using the C2PA Extension

Using the YouSeddit C2PA Browser Extension

The YouSeddit C2PA Browser Extension helps you verify the authenticity of content across the web, with special capabilities for verifying text quotes against our blockchain ledger.

Installation

1. Visit the Chrome Web Store
2. Click “Add to Chrome”
3. Confirm the installation when prompted
4. The YouSeddit C2PA icon will appear in your browser toolbar

Understanding C2PA Content

The Content Authenticity Initiative (CAI) and the Coalition for Content Provenance and Authenticity (C2PA) have created standards for verifying digital content. Look for these indicators:

• C2PA Badge: Shows that content has verifiable provenance information
• Youseddit Badge: Indicates blockchain-verified content with smart contract authorization

Verifying Content

Images and Videos

The extension automatically verifies C2PA-enabled images and videos:

1. C2PA-enabled media will display a small verification icon in the corner
2. Click the icon to view detailed provenance information
3. For Youseddit-enhanced C2PA content, you’ll also see blockchain verification details

Text Quotes

For text quotes with C2PA verification:

1. Quotes with C2PA verification will be highlighted with subtle indicators
2. Click on the indicator to view verification details including:
   • Source information
   • Blockchain verification status
   • Smart contract details for the domain

Verification Status Indicators

The extension uses consistent indicators across content types:

• ✅ Green Checkmark: Content is verified and the domain has proper authorization
• ℹ️ Blue Info: Standard C2PA content without YouSeddit blockchain verification
• ⚠️ Yellow Warning: Content is verified but domain has licensing issues
• ❌ Red X: Content claims C2PA verification but fails validation

Verification Details

When you click on a verification indicator, a panel appears showing:

1. Content Information

   • Type of content (image, video, text quote)
   • Creation date and time
   • Source details

2. C2PA Provenance

   • Creation and edit history
   • Software used
   • Cryptographic signatures

3. Blockchain Verification (for YouSeddit content)

   • Blockchain transaction ID
   • Verification timestamp
   • Content hash

4. Smart Contract Status (for YouSeddit content)

   • License type (exclusive/non-exclusive)
   • Contract expiration date
   • Domain authorization status

Extension Settings

Access settings by clicking the YouSeddit C2PA icon in your browser toolbar:

Verification Options

• Verification Mode: Choose between automatic or on-demand verification
• Verification Display: Control how verification indicators appear
• C2PA Types: Select which types of C2PA content to verify (images, videos, text)

Display Preferences

• Icon Style: Choose between different indicator styles
• Panel Position: Set where verification panels appear
• Details Level: Basic or advanced information display

Privacy Settings

• Cache Duration: Control how long verification results are stored
• Local Storage: Manage what data is stored on your device
• Telemetry: Enable/disable anonymous usage statistics

Understanding Quote Verification

When verifying text quotes, the extension checks several factors:

1. Text Match: Confirms the quoted text matches the verified source
2. Context Preservation: Ensures the quote maintains original context
3. Domain Authorization: Verifies the website has rights to use the quote
4. Attribution: Checks that proper attribution is provided

Quotes may receive partial verification if they meet some but not all criteria.

Troubleshooting

If you encounter issues with the extension:

1. Verification Not Working

   • Check if the content actually contains C2PA metadata
   • Ensure you have a stable internet connection
   • Try disabling other extensions that might interfere

2. Content Not Recognized

   • Some text quotes may not be formatted in a way the extension can detect
   • Try clicking the extension icon and using the manual verification option

3. Performance Issues

   • Adjust settings to verify content on-demand rather than automatically
   • Reduce the cache duration if storage is a concern

Reporting Issues

To report verification problems or potential misuse:

1. Click the C2PA verification icon in the content
2. Select “Report an Issue” in the verification panel
3. Choose the appropriate issue type and provide details
4. Submit the report to the YouSeddit team

Privacy and Security

The YouSeddit C2PA extension:

• Does not track your browsing history
• Only analyzes C2PA content on pages you visit
• Does not collect personal information
• Stores verification results locally by default
• Never modifies webpage content

For more information about privacy, see our Privacy Policy.