Show HN: PACT – An open-source toolkit for privately signing digital content

  • Posted 1 hour ago by rstock
  • 1 points
https://github.com/ncrypt-ai/pact
I’ve recently been doing a lot of reading about provenance tracking, content authenticity, and AI model training policy enforcement and started working on PACT in an attempt to address some of the issues I saw.

PACT is an open-source toolkit for signing content claims, attaching machine-readable policy metadata to files, and verifying those claims against a hosted trust registry. The initial use case is AI-training policy/provenance: for example, letting a content creator publish a signed “no commercial training” policy record in a way that preserves the privacy of the content and the creator.

Some of the features are: - Actions are append-only (an event log with Merkle batch disclosure) so the registry's full history is publicly auditable. - User identities are registry-scoped to prevent cross-registry tracking, and user identifiers are generated using a blinded OPRF, so the registry never sees raw device data or the derived token - Content commitments are salted, so the registry can hold a valid claim without ever receiving the actual content, and can't be used to reverse-lookup content from the public record - Content commitments are salted, so the registry can hold a valid claim without ever receiving the actual content, and can't be used to reverse-lookup content from the public record. - The ability to dispute potentially fraudulent claims and some initial work to attempt to identify competing claims and possible violations of AI training policies

Im currently hosting a registry instance here: https://ncryptai.com/pact (no login required).

I’d appreciate any feedback and/or requests for features you think might be useful.

0 comments