What is VERIFY?
VERIFY aims to be the central repository for content license and provenance, equipping the world with a backend to verify the source and license of digital content.
VERIFY is a public library of signed digital assets with capabilities that allow for a single DRM solution for digital assets. Every asset stored in VERIFY is signed by a real world entity that attests to the provenance of the asset. The publisher declares the asset's license for access and reference through a smart contract module.
Protocol Components
- A metadata standard for the registry and attestation of content provenance.
- The ContentGraph, a smart contract which stores the reference to metadata and licenses of a digital asset by binding it with a token that represents that asset through a unique identifier.
- An identity registry where signing key pairs are associated with a real world identity.
- A licensing standard that allows a publisher to configure access policies on their content.
What this enables
A reverse lookup of any content in VERIFY will produce provenance metadata, its license, and a named publisher. This allows for many solutions, some of which are explored below.
A Delivery Mechanism for Digital Content
VERIFY binds digital assets with smart contract licenses. These programmable licenses allow for the publisher to declare rules for accessing and referencing their digital content published to VERIFY.
By polling for new content on verify, data consumers can fetch content as it is published to VERIFY. Their ability to access the content is described by the license state that has been attached to a given node.
Some example access patterns:
- Allowing a specific data consumer to consume content as it is published to VERIFY. (Similar to web scraping access pattern).
- Embargoing content such that it is only accessible in a given time window.
- Selling content at a given or dynamic price.
As the licenses are programmable, they can be configured to deliver any access pattern or business model desired.
A publisher must store the asset at a designated location and make its location public in the corresponding nodes metadata. In the case of licensed content, the content can be stored in encrypted form. The key for decrypting the content is then stored in a key management system that points at the smart contract license on VERIFY, to distribute the symmetric key that allows a consumer to decrypt the asset. If a publisher wishes to store their content on their own infrastructure, they can do so by making the content accessible through a gateway which authenticates against VERIFY's state.
Tracking the Origin of Digital Content
When content is added to VERIFY it is cryptographically signed by the publisher's key pair. The signature binds each piece of content with real world organization or person.
This signature attests to the ownership of the asset itself as well as the additional metadata associated with the content. While this doesn't verify the truth of metadata or the ownership from the publisher of the content, registry of both allows for public dispute and interrogation of content metadata. Over time bad actors are identified, and ownership rectified.
Content Metadata Registry
Each piece of content published on VERIFY has metadata associated with it. This metadata is bound to the digital asset through the publisher's signature.
Publishers can provide additional information surrounding the creation of the digital assets. For example, a publisher of an image may provide information on the device, location, and identity who captured the photograph to attest to the legitimacy of its subject matter.