How Sourcemark works
Sourcemark turns creator choice into a machine-readable record — from fingerprint to public verification page to registry lookup.
The simple version
Fingerprint the work
Select the file you want to declare. Sourcemark creates a fingerprint locally, so the original stays on your device.
Set your AI training choice
Choose whether the work is not available for AI training or available by licence. Add the right licensing contact where permission is given.
Publish a verifiable record
Sourcemark creates a timestamped, machine-readable record with a verification page that can be checked by platforms, partners and AI companies.
AI companies can then query the registry by file fingerprint to see what is not available, what may be available by licence and who to contact.
The full flow
Hover or tap each step to see what happens at every stage.
Select the image, document or video you want to declare.
File
Select the image, document or video you want to declare.
Fingerprint
A unique fingerprint is created locally on your device. The original file stays with you.
Declaration
Choose whether the work is not available for AI training or available by licence.
Record
A timestamped, machine-readable record is created and cryptographically anchored.
Verification
A public verification page is created that anyone can check — no account required.
Query
AI companies query by fingerprint to check declared permissions before training.
What happens behind the scenes
Local fingerprinting
Sourcemark creates a fingerprint of the file on your device, so the original file stays with you.
Structured records
Each declaration becomes a machine-readable record linked to the file fingerprint, the declared AI training choice, the timestamp and any relevant licensing contact.
Verifiable timestamps
Each record is cryptographically anchored to an independent public ledger, creating a tamper-evident timestamp that can be checked later.
Public verification pages
Each record has a verification page showing the declaration in a format that people, platforms and AI companies can check.
Registry queries
AI companies can query the registry using file fingerprints to find declared signals before training. No match means no declaration was found, not that permission exists.
Record history
If a declaration changes, Sourcemark preserves the history rather than overwriting it.
What gets recorded
- A fingerprint of the file
- The declared AI training choice
- A timestamp
- The declarer, where the record is public
- A licensing contact pathway, where relevant
- A record of changes over time
Sourcemark records declarations about files. It does not verify ownership, rights or authority.
What stays private
Your original file is never stored or published by Sourcemark. The record is about the fingerprint and the declaration, not the file itself.
Public declarations can show the declarer's identity. Private declarations keep the consent signal queryable while hiding the declarer's identity.
If a work is available by licence, the relevant contact pathway needs to be visible so AI companies know who to approach.
Verification pages
Each Sourcemark has a public verification page with its own URL. The page shows:
- The declared AI training status
- The date and time the declaration was recorded
- The licensing pathway, where relevant
- The declarer, where the record is public
- The verification status of the record
The page is designed to be readable by people and usable by systems.
For AI companies
Sourcemark gives AI companies a way to check for declared consent signals before training begins. The registry can be queried using file fingerprints, whether as part of a one-off audit or a larger workflow.
Where a match is found, the result shows the declared status and any relevant licensing route. Where no match is found, Sourcemark has no registered signal for that file. No match is not the same as consent.
C2PA Content Credentials
Sourcemark can work alongside existing C2PA Content Credentials where they are already present. Content Credentials can help preserve provenance information about how a file was created or edited. Sourcemark serves a different purpose: it records the creator's declared AI training choice in a form that can be checked later.
Used together, they can give creators a stronger record around both provenance and consent. C2PA is optional and not required to create a Sourcemark record.
Why this matters
Without shared infrastructure, creator choice is easy to miss and difficult to check at scale. Sourcemark is designed to make declarations visible earlier, when they can still inform training decisions, licensing conversations and internal governance processes.
It does not replace regulation, licensing schemes or enforcement. It fills a gap they do not currently fill well: making declared AI training choices easier to record, easier to verify and easier to act on.