Skip to content

CHANGELOG

What shipped.

The latest from Hashproof. Subscribe via RSS or check back here — we ship regularly and update this page when we do.

RSS

  1. Hashproof v0.1 beta

    ReleaseAPIDashboard

    Hashproof opens in closed beta today. The v0.1 API implements every section of the C2PA 2.1 spec, served as one HTTP service. What's live: managed Ed25519 signing with per-tenant key isolation, Merkle-anchored storage on Base L2, soft-binding pHash resolution with a configurable 10-bit Hamming threshold, one-call verification with structured trust-status, and a dashboard for API key management + live usage. Free tier is 1,000 manifests/mo and 10k verifications/mo — no credit card. Sign up through the landing page; we'll open the gate as capacity permits.

  2. C2PA 2.1 spec coverage complete

    FeatureVerification

    Every section of the C2PA 2.1 specification now has a corresponding endpoint or SDK primitive. Highlights: ingredient manifests with provenance DAG traversal, soft-binding assertions (pHash + fingerprint), training-data assertions for AI lineage, and hard-binding with embedded manifests. Our test harness runs against the official C2PA conformance suite; full coverage report will ship with Wave 2.

  3. Merkle-anchored manifests now on Base L2

    FeatureSigning

    Every signed manifest is now included in a Merkle tree committed to Base L2 on a rolling hourly cadence. Each manifest response includes a Merkle inclusion proof you can verify independently — no need to trust us. Transaction hashes are visible in the dashboard and through the /v1/manifests/:id/proof endpoint. Adds ~1.2s to the tail latency of the signing path; you can opt out on Free and Growth tiers.

  4. Soft-binding pHash resolver (public beta)

    FeatureAPI

    POST a binary that has been re-encoded, cropped, or watermarked, and we return ranked manifest candidates from your tenant — ordered by Hamming distance with confidence scores. The default threshold is 10 bits on a 64-bit 2D-DCT pHash, tuned against a Cloudinary-style re-encoding gauntlet. Configurable per-request for noisier sources.

  5. Supabase Auth live on hashproof.ai

    DashboardImprovement

    The dashboard now supports Google + GitHub OAuth and email/password through Supabase Auth. Sessions refresh automatically; the dashboard uses the session JWT to call api.hashproof.ai, so no secret is ever shipped to the browser. API keys remain the recommended path for server-to-server traffic.

That's all for now. Subscribe to the RSS feed to catch the next one.