AttestTrail
What is C2PA?Try C2PA Viewer

Verify an image

Upload any image to inspect its C2PA content credentials and provenance data.

Need the explainer first? Read C2PA Verification for the step-by-step workflow, or start with What is C2PA?.

Drop an image here or click to browse

JPEG, PNG, TIFF, WebP, AVIF — up to 50 MB

or

How C2PA Verification Works

This free C2PA viewer checks any image for embedded Content Credentials — the cryptographic provenance data defined by the C2PA standard. When you upload an image, the tool parses its JUMBF manifest, validates the COSE signature and X.509 certificate chain, and checks the signer against a curated trust list.

The verification returns one of four deterministic decision classes:

  • Verified Camera Origin — Signed by a trusted camera (Nikon, Canon, Leica, Sony, Samsung, Google Pixel). Cryptographic proof of physical capture.
  • Verified AI-Generated — Signed by a trusted AI tool (Adobe Firefly, DALL-E, Google Imagen). Cryptographic proof of synthetic origin.
  • Unverified High Risk — No valid credentials, but risk signals present. Flagged for review.
  • No Provenance Data — No C2PA manifest found. No risk signals detected.

For programmatic verification, use the AttestTrail C2PA Verification API. If you want the conceptual overview first, read What is C2PA?. For technical background on how manifests work, see How C2PA Content Credentials Work. This page is the demo tool; the explainer pages are better targets for search and documentation-oriented traffic.