Tamper-evident attestations for AI-generated content

The EU AI Act (Regulation (EU) 2024/1689) requires providers and deployers to label AI-generated or AI-manipulated content (Article 50). The C2PA / Content Authenticity Initiative standard, backed by Adobe, Microsoft, OpenAI, and BBC, is the industry response — signed metadata embedded in media files.

What signed metadata doesn't give you on its own: a tamper-evident time bound. A producer's signature says "I claim I generated this at time T"; only an independent timestamp source establishes that the manifest couldn't have been created after that time. That's the gap BA | Stamp fills.

A canonical JSON manifest with the following shape — schema id bastamp.ai-provenance/v1:

{
  "schema": "bastamp.ai-provenance/v1",
  "model": "gpt-5",
  "modelVersion": "2026-04-15",
  "promptHash": "0x<sha256 of prompt>",
  "outputHash": "0x<sha256 of output>",
  "generatedAt": "2026-05-12T12:00:00.000Z",
  "params": { "temperature": 0.7, "seed": 42 },
  "metadata": { "requestId": "..." }
}

The SHA-256 of the canonicalized manifest (sorted keys, no whitespace) is what we anchor. The prompt and output themselves never leave your machine — only the hashes do.

TypeScript / Node, using the official SDK:

import { BAStamp } from "@bastamp/sdk";

const client = new BAStamp({ apiKey: process.env.BASTAMP_API_KEY! });
const r = await client.aiProvenance.attest({
  model: "gpt-5",
  prompt: userPrompt,
  output: completion.text,
  params: { temperature: 0.7, seed: 42 },
});
// r.manifest      → save with your output
// r.manifestHash  → anchored on Polygon (1 credit)

Or raw curl (any language with HTTP + SHA-256):

MANIFEST='{"schema":"bastamp.ai-provenance/v1","generatedAt":"2026-05-12T12:00:00Z","model":"gpt-5","outputHash":"0x...","promptHash":"0x..."}'
HASH=0x$(printf '%s' "$MANIFEST" | sha256sum | cut -d' ' -f1)

curl https://bastamp.com/api/v1/stamps \
  -H "Authorization: Bearer $BASTAMP_API_KEY" \
  -H "Content-Type: application/json" \
  -d "{\"contentHash\":\"$HASH\",\"mimeType\":\"application/x-bastamp-ai-provenance\"}"

1. The party receiving the AI output also receives output.provenance.json (the manifest the SDK returned).
2. They drop the manifest on bastamp.com/verify/<hash>. The page canonicalizes the manifest and recomputes SHA-256 — it must match the on-chain anchor.
3. For a fully trustless check, the open-source stamp-verify CLI queries the Polygon Stamper contract directly and confirms the timestamp without contacting bastamp.com.

• EU AI Act Art. 50 disclosure. The anchored manifest is a defensible audit artifact for the labeling obligations on generative AI providers and deployers.
• C2PA bridge. If you already produce C2PA manifests, anchor their hash on chain to add an independent time bound to the producer's signature.
• Copyright + dispute defense. Establish a verifiable upper bound for when a specific AI output existed.
• Audit trail for regulated AI. Financial, medical, and legal AI systems can attest every output for retrospective compliance review.

A BA | Stamp manifest records that the listed model emitted this output at this time, as claimed. It does not establish that the model identifier is accurate (a caller could lie about which model produced the output), that the output is factually correct, or that the manifest wasn't generated retroactively for an output that has been edited since. As with any timestamping scheme, the on-chain anchor proves the manifest existed by a certain block time — not the truth of every claim inside it.

For higher-confidence provenance, combine the BA | Stamp anchor with the producer's signed C2PA manifest, model-provider attestation tokens, and a custody log.