Sigillo — mark
Content Authenticity Federation

A seal that survives the internet.

Sigillo gives trusted sources — libraries, newsrooms, archives, museums — a cryptographic way to authenticate their content. Anyone on the internet can verify it, instantly, without permission.

Try it How it works On GitHub
Demonstration

Verify something.

Pick a scenario, upload a file, or paste a URL. Results in under a second.

The file's SHA-256 must match the credential's contentHash claim.

or

We'll fetch it and auto-discover a credential at <url>.vc if one exists.

Paste manually only if auto-discovery doesn't find one.

How it works

Three moves. No blockchain.

i.

Identity

Each institution publishes a small identity file at its own domain — e.g. nypl.org/.well-known/did.json. No registry. The domain is the identity.

ii.

Seal

For every item they publish, they sign a small attestation: "this content hash is ours." Ed25519, W3C Verifiable Credentials. Millions of items in minutes.

iii.

Verify

Any reader, anywhere, resolves the identity file and checks the math. Green, grey, or red — in one HTTPS round trip. Works offline after first fetch.

Technical

The protocol.

Protocol
caf/0.1
Node DID
did:web:sigillo.ai
Identity
/.well-known/did.json
Node info
/v1/node
Verify API
POST /v1/verify
Signatures
EdDSA (Ed25519) over JWS
Built on
W3C DIDs · W3C Verifiable Credentials · C2PA-compatible
License
Open source · MIT