content-provenance — every piece of content with its own signature.
Ed25519-based digital signatures for TYPO3 content, cryptographically verifiable via /.well-known/provenance-keys. Plus end-to-end audit-trail logging — the foundation for EU AI Act compliance and demonstrable content integrity.
EU AI Act, deepfakes, AI-generated content: who wrote this?
With content-provenance
- Ed25519 signature per content element, stored alongside the content
- Public verification endpoint via
/.well-known/provenance-keys - Audit log with who/when/what, append-only
- DDD architecture, deptrac-checked
- EU AI Act-prepared fields (model, prompt hash, reviewer)
Until now
- "Reviewed by editorial" as a claim in the footer
- No cryptographic verifiability
- Audit trail missing or living in the SQL log
- EU AI Act requirements with no clean way to prove anything
Four building blocks
EU AI Act fields
Prepared metadata fields for AI-generated/-assisted content: model, prompt hash, human reviewer, approval timestamp.
Audit trail
Append-only audit log of every change: who, when, what, signed and timestamped. Verifiable end-to-end via the same Ed25519 keys as the content itself.
Public key endpoint
/.well-known/provenance-keys serves the active public keys for external verifiers — following the RFC convention.
Ed25519 signatures
Cryptographic signature per content element via libsodium (ext-sodium required). Key rotation and multi-key support included.
Architecture
Classes/
├── Domain/ # Signature models, key value objects, contracts
├── Application/ # Signing services, verification orchestration
├── Infrastructure/ # Key providers, repositories, API middleware
└── Presentation/ # Controllers, event listeners
API endpoints
| Endpoint | Purpose |
|---|---|
/_provenance/api/verify | Verify content signatures |
/.well-known/provenance-keys | Public key discovery |
Database tables
| Table | Purpose |
|---|---|
tx_provenance_signature | Content signatures |
tx_provenance_audit_log | Audit trail entries |
AI Asset Provenance (EU AI Act Art. 50, since v0.6.0)
From v0.6.0 the package covers the regulatory core of EU AI Act Article 50: machine-readable labelling of AI-generated images, auto-detection on upload and IPTC XMP write-back into the file.
Three building blocks
- TCA asset-origin tagging — a new “AI Provenance” tab on
sys_file_metadata,sys_file_referenceandpageswith fields for origin (Human / AiGenerated / AiAssisted), AI system, AI prompt and C2PA status. - Auto-detection on upload — the
AfterFileAddedEventlistener reads C2PA manifests (viac2patool) and IPTC XMP tags (viaexiftool) and seeds the TCA fields automatically. ChatGPT, DALL-E and Adobe Firefly images are classified correctly without editor intervention. - IPTC XMP write-back — when an AI-tagged file is saved, the
EmbedAiMetadataOnFileSavelistener writesIptc4xmpExt:DigitalSourceType,AISystemUsedandAIPromptInformationback into the file. Machine-readable disclosure, satisfies Art. 50.
Extended TCA columns (v0.6.0+)
| Table | Column | Purpose |
|---|---|---|
sys_file_metadata | tx_provenance_origin | AssetOrigin (human / ai_generated / ai_assisted) |
sys_file_metadata | tx_provenance_ai_system | Free-text model name (e.g. “DALL-E 3”) |
sys_file_metadata | tx_provenance_ai_prompt | Optional prompt for audit and reproducibility |
sys_file_metadata | tx_provenance_detected_at | Auto-detection timestamp |
sys_file_metadata | tx_provenance_c2pa_status | none / signed_own / signed_external / stripped |
sys_file_reference | tx_provenance_origin | Per-reference override (rarely needed) |
pages | tx_provenance_origin | Page-body origin (RTE / generated articles) |
pages | tx_provenance_ai_system | Model name for the page body |
Container binaries (optional)
For auto-detection and IPTC write to work, exiftool (read/write IPTC XMP tags across all image, video and audio formats) and c2patool (read/write C2PA manifests; releases at contentauth/c2pa-rs) must be present inside the httpd container. Without those binaries, the extension keeps running — only the auto-detection and IPTC write steps become no-ops with a log warning. Defensive binary handling in the listener catches that case; the editor’s manual tag remains a fallback at any time.
C2PA Manifest Signing (Enterprise Provenance Layer, since v0.7.0)
Positioning: This layer is not a regulatory must for EU AI Act Article 50 — the machine-readable disclosure (IPTC XMP plus Schema.org) and the visible FE badge from phases 1–4 already cover the regulatory core. C2PA signing is the enterprise authenticity layer: provability, anti-stripping, chain of custody, forensics and interoperability.
From v0.7.0 the package contains a cryptographic C2PA sign pipeline:
C2paCertificateProvider— resolves cert and key from/run/c2pa/(delivered by cert-manager, 90-day lifetime, quarterly leaf rotation).C2paManifestSigner— subprocess wrapper aroundc2patool. Auto-detectsc2pa.created(fresh) vs.c2pa.metadatawithparent_ingredient(append) — upstream signatures (OpenAI, Adobe) stay in the chain.ReSignDerivativeFileslistener onAfterFileProcessingEvent— also signs TYPO3-generated thumbnails and resizes so the provenance chain survives the FAL image processing pipeline.provenance:resignCLI for opt-in backfill of existing AI-tagged files (idempotent,--forcefor re-sign).
c2pa_status state model
| Value | Meaning |
|---|---|
none | Default — no sign attempt has happened |
signed_external | Upstream signature recognised (OpenAI, Adobe), we have not signed yet |
signed_self_anchored | Freshly signed by us (Step-CA), no parent manifest |
signed_self_anchored_append | Edit action appended to an upstream manifest (parent source preserved) |
signed_trusted | Reserved for phase 5b — trust-list-conformant CA cert |
stripped | Was signed, manifest was later removed (e.g. through re-encoding outside TYPO3) |
failed | Sign attempt crashed (cert missing, c2patool exit ≠ 0, etc.) |
Trust model
The signing pipeline establishes a private provenance chain: the signing cert comes from the project-owned Step-CA (self-anchored), tamper evidence via hash-anchored manifest, append mode preserves the upstream trust chain (OpenAI/Adobe remain visible), strip detection via c2pa_status=stripped provides a strong forensic signal in the BE. External validators like contentcredentials.org/verify show our signature as “untrusted (unknown CA)” — the signature is cryptographically valid and tamper-evident, but our root is not in the C2PA trust list. This is intentional for phase 1: internal provability and forensics without an external onboarding programme.
Configuration and requirements
Configure key providers and signing policies through TYPO3 site settings. Multiple key providers for different environments (development, staging, production) are supported — the backend is pluggable (file, environment, vault).
Requirements
- PHP 8.3+
- TYPO3 14.0
ext-sodium(mandatory — for Ed25519 operations)
Optional dependencies
| Package | Type | Purpose |
|---|---|---|
ext-sodium | Required | Ed25519 cryptography |
moselwal/dev | Dev | Shared QA tooling |
EU AI Act Art. 50 compliance and Google AI Search
The regulatory minimum for Art. 50 (in force from August 2026) is “machine-readable labelled AND recognisable as artificially generated”. That is covered by phases 1–4 of this package and the site packages:
| Requirement | Covered by |
|---|---|
| Machine-readable | IPTC PhotoMetadata 2025.1 XMP (DigitalSourceType, AISystemUsed) — phase 3 |
| Detectable | Auto-detection from C2PA/IPTC on upload — phase 2 |
| Visible to the user | FE badge via moselwal/sitepackage-base ≥ 3.22.0 — phase 4 |
| Structured for crawlers | Schema.org ImageObject.creator via moselwal/structured-content ≥ 1.5.10 — phase 4 |
Art. 50 currently does not require cryptographic provenance, PKI, trust-list CAs, watermarks or blockchain. The C2PA signing layer (phase 5) is a strategic complement for provability, forensics and enterprise authenticity use cases — not a regulatory must.
Google AI Search conformance (May 2026)
Google’s official guides confirm the stack approach: the AI Optimization Guide states explicitly that no new machine-readable files, AI text files, markup or Markdown are needed to appear in generative AI search, and that structured data is not required. The only hard technical mandatory point Google sets for AI images is IPTC DigitalSourceType TrainedAlgorithmicMedia — covered by phase 3 (IptcXmpWriter). Schema.org extensions (phase 4) stay useful for classic SERP features but are not required for generative AI search. C2PA signing (phase 5) is currently not evaluated by Google for search ranking — it remains strategic as an enterprise authenticity layer.
Note: This documentation is not legal advice. For the formal Art. 50 assessment we recommend an independent risk analysis and a disclosure concept that names the layers implemented in the project and documents the strip-detection strategy (c2pa_status=stripped).
Source code & docs
TYPO3 Extension Repository
Not in the official TER — public Composer distribution is being prepared (coming soon).
Composer package
Public release as moselwal/content-provenance in preparation. Coming soon.
Repository
Source code and issue tracker will be opened with the public release. Coming soon.
Mirror
Public mirror and pull-request workflow follow with the release. Coming soon.
EU AI Act readiness as a project?
content-provenance is the technical foundation. If you need an end-to-end EU AI Act compliance setup — including processes, training and audit preparation — get in touch.
Oder direkt schreiben: kontakt@moselwal.de
Where we use this …
This package is the provenance layer for AI-Ready CMS, AI-Ready Commerce and Open Source & Digital Sovereignty. Managed variant: AI-Ready CMS as a Service.