--- title: "Standards and Applied Research for Digital Provenance" description: "The Institute of Provenance is a nonprofit standards and research institution advancing the science and practice of digital provenance and data attribution." url: https://instituteofprovenance.org/ source: Institute of Provenance --- Institute of Provenance # Standards and Applied Research for Digital Provenance A nonprofit standards and research institution advancing the science and practice of digital provenance and data attribution. [Explore Our Work](/standards)[About the Institute](/about) ## The Missing Layer Digital infrastructure has mature standards for transport, addressing, and encryption. It has no equivalent standard for provenance. There is no interoperable way to answer the fundamental question — _where did this data come from, and has it been altered?_ Existing solutions are siloed by format, vendor, or platform. Attribution metadata is routinely stripped during normal operations. Verification requires trusting a third party rather than trusting the data itself. The gap is structural, not technological. The Institute of Provenance addresses this gap through open standards, applied research, and a neutral trust hierarchy — so that provenance and attribution can become baseline properties of digital data, not features of specific products. ## Our Work Open standards and applied research for digital provenance and data attribution. ### Open Standards The XION format, the trust block schema, the certificate hierarchy, the wire protocol. We define what digital provenance means and publish the specifications that make it interoperable. ### Applied Research Luminance Waveform Analysis for transformation-resilient fingerprinting. Dual-pipeline forensic and identity verification. Video fingerprinting with temporal alignment. The science behind content authentication. ### Trust Infrastructure A hierarchical certificate system rooted in the Institute's offline Root CA. Ed25519 signatures, BLAKE3 hashing, Sparse Merkle Trees for verifiable certificate state. The cryptographic foundation for the ecosystem. ## XION: Content That Carries Its Own Proof When content is signed with XI Object Notation, a trust block is embedded directly in the document. Not a sidecar file. Not an external database. The proof travels with the content. That trust block contains everything needed to verify the artifact: the BLAKE3 content hash, the Ed25519 signature, the signer's public key, and the full certificate chain back to the Institute of Provenance Root CA. XION artifacts are self-contained. You can verify a signed document on an air-gapped machine with no network access. The content is canonicalized before hashing so the same content always produces the same hash regardless of platform. Embedded Trust Block { "v": 1, "sig\_alg": "ed25519", "hash\_blake3\_hex": "cd9f70ec...", "sig\_b64": "B42QjM2R...", "key\_id": "UA4xFIgM...", "x509\_chain\_pem": \["-----BEGIN..."\], "created\_at": "2026-02-12T18:20:27Z" } Content hash + signature + full certificate chain. Self-verifiable offline. ## The Content Padlock In the early 2000s, SSL/TLS solved transport trust. The browser padlock became the universal signal: _this connection is secure_. Today, browsers warn you when a site does not have one. We are at the same inflection point, one layer up. HTTPS solved **transport trust**. The question it never answered is **content trust**: is this content authentic, who created it, and has it been tampered with? The **\[XION\] badge** is the attribution lock. Where the HTTPS padlock verifies the channel, the XION badge verifies the content itself. Click it and the content goes through cryptographic verification: signature validation, certificate chain resolution, and attribution lookup. The trajectory is the same one the padlock followed. First, attributed content will be notable. Then expected. Eventually, unattributed content will be the anomaly that raises questions. ## Get Involved The Institute welcomes collaboration from researchers, standards bodies, technology companies, and policymakers committed to building trustworthy digital infrastructure. [View the XION Standard](/standards)[Get in Touch](/contact)