I appear to be late-ish to this standard but I’ve not seen many community managers discussing Content Authenticity, and...

I appear to be late-ish to this standard but I’ve not seen many community managers discussing Content Authenticity, and... | Tightknit Community

9 comments

· Sorted by Oldest

Lief Z.
·
·
I found something very established under the C2PA https://spec.c2pa.org/specifications/specifications/1.4/guidance/Guidance.html
Lief Z.
·
·
“The Coalition for Content Provenance and Authenticity (C2PA) has developed their technical specification for providing content provenance and authenticity through Content Credentials. It is designed to enable global, opt-in, adoption of digital provenance techniques through the creation of a rich ecosystem of digital provenance enabled applications for a wide range of individuals and organizations while meeting appropriate security requirements.”
Lief Z.
·
·
I bring it up as a BestPractice here because I think what Tightknit is building is ground-breaking and exactly the sort of space to help drive / differentiate themselves in an increasingly important context (UGC) for the wave of AI tools we are currently surfing. 😄
Todd N.
·
·
Really interesting find, Lief Z.!
1
Todd N.
·
·
C2PA’s ideal is beautiful in theory, every LLM pass logged, signed, traceable. Some possible issues I could foresee:
LLMs can log *nothing* useful — no prompts, no temperature, no model details — and still create a technically valid C2PA manifest. The spec allows this, so the chain is “valid” but meaningless.
There’s no way to verify that Grok actually is Grok, or that it’s not pretending to be ChatGPT. Vendors can claim any model name in the manifest, and unless you trust their credentials, you can’t know if they’re lying.
Redaction lets LLMs hide prior steps — for example, if ChatGPT wants to edit content originally created by Gemini, it can redact that Gemini was ever involved. The chain shows a gap, and the consumer has no way to know what was removed.
Metadata gets stripped in transit — by social media, email, cloud storage — breaking the chain.
C2PA enables transparency but doesn’t enforce it. You’ll need governance on top. I did a bit of searching and learned that while C2PA is used by some of the major LLM's it is in specific, limited ways--mostly for AI-generated images but none of them do it for text outputs. I love that you're thinking about Provenance Chains for Tightknit, Lief Z..
Lief Z.
·
·
Thanks Todd N. - those bullets are important finds. Probably have some (or all) of those unless/until there are proper Gov’t-level regulations
💯1
Lief Z.
·
·
If I, as a data controller or data processor take the effort to track provenance…well…I suppose it could be so cheap and easy to do that anyone could do it (and dilute it’s value). But if there is effort or skin in the game along the way, like processing effort, then it’ll discourage the fakers and improve trust in the system.
Lief Z.
·
·
I heard something about Adam Back (early bitcoin guy) recently where he proposed something like ‘forcing email systems to do a small calculation’ before they could send email which could theoretically & effectively eliminate SPAM because the calculation gets expensive at scale. Seems like this ‘content trust’ process has the capability of doing something similar along the way that would reduce the likelihood of problems of scale. and one last thought before I stop and go work…:D IF the system costs a little bit BUT THEN still allows the metadata to get stripped down the line then the “AI” content can get re-entered into the system, at scale in a ‘credibility laundering’ way. We need smart people solving this stuff (annnd that’s why I brought it here. ;d
2
Todd N.
·
·
I would consider donating a body part if I could be rid of SPAM forever. 😅 The internet is craving a return to trust and data sovereignty. I will enjoy working on these topics here with you and others!
🎯2
🎉2

Lief Z.
·
·
I found something very established under the C2PA https://spec.c2pa.org/specifications/specifications/1.4/guidance/Guidance.html
Lief Z.
·
·
“The Coalition for Content Provenance and Authenticity (C2PA) has developed their technical specification for providing content provenance and authenticity through Content Credentials. It is designed to enable global, opt-in, adoption of digital provenance techniques through the creation of a rich ecosystem of digital provenance enabled applications for a wide range of individuals and organizations while meeting appropriate security requirements.”
Lief Z.
·
·
I bring it up as a BestPractice here because I think what Tightknit is building is ground-breaking and exactly the sort of space to help drive / differentiate themselves in an increasingly important context (UGC) for the wave of AI tools we are currently surfing. 😄
Todd N.
·
·
Really interesting find, Lief Z.!
1
Todd N.
·
·
C2PA’s ideal is beautiful in theory, every LLM pass logged, signed, traceable. Some possible issues I could foresee:
LLMs can log *nothing* useful — no prompts, no temperature, no model details — and still create a technically valid C2PA manifest. The spec allows this, so the chain is “valid” but meaningless.
There’s no way to verify that Grok actually is Grok, or that it’s not pretending to be ChatGPT. Vendors can claim any model name in the manifest, and unless you trust their credentials, you can’t know if they’re lying.
Redaction lets LLMs hide prior steps — for example, if ChatGPT wants to edit content originally created by Gemini, it can redact that Gemini was ever involved. The chain shows a gap, and the consumer has no way to know what was removed.
Metadata gets stripped in transit — by social media, email, cloud storage — breaking the chain.
C2PA enables transparency but doesn’t enforce it. You’ll need governance on top. I did a bit of searching and learned that while C2PA is used by some of the major LLM's it is in specific, limited ways--mostly for AI-generated images but none of them do it for text outputs. I love that you're thinking about Provenance Chains for Tightknit, Lief Z..
Lief Z.
·
·
Thanks Todd N. - those bullets are important finds. Probably have some (or all) of those unless/until there are proper Gov’t-level regulations
💯1
Lief Z.
·
·
If I, as a data controller or data processor take the effort to track provenance…well…I suppose it could be so cheap and easy to do that anyone could do it (and dilute it’s value). But if there is effort or skin in the game along the way, like processing effort, then it’ll discourage the fakers and improve trust in the system.
Lief Z.
·
·
I heard something about Adam Back (early bitcoin guy) recently where he proposed something like ‘forcing email systems to do a small calculation’ before they could send email which could theoretically & effectively eliminate SPAM because the calculation gets expensive at scale. Seems like this ‘content trust’ process has the capability of doing something similar along the way that would reduce the likelihood of problems of scale. and one last thought before I stop and go work…:D IF the system costs a little bit BUT THEN still allows the metadata to get stripped down the line then the “AI” content can get re-entered into the system, at scale in a ‘credibility laundering’ way. We need smart people solving this stuff (annnd that’s why I brought it here. ;d
2
Todd N.
·
·
I would consider donating a body part if I could be rid of SPAM forever. 😅 The internet is craving a return to trust and data sovereignty. I will enjoy working on these topics here with you and others!
🎯2
🎉2