AgentPKI

For publishers

You wrote it. AgentPKI proves it.

Your investigation goes live at 10:14 AM. By 2:00 PM, four AI farms have cloned it with subtle word changes, attributed it to fake bylines, and posted it on similar-looking domains. Search engines index all of them. Your original blurs into the noise. Your reputation gets laundered into someone else's traffic.

AgentPKI Provenance is how you sign your work at publication time, and how anyone — reader, search engine, archive, court — can prove which is the original in milliseconds.

Sarah publishes. The clones spread. Two timelines.

Sarah Lin is a freelance investigative writer with 18,000 Substack subscribers. Her piece on a healthcare-billing scam takes six weeks to research and one hour to write up. Here's what happens after she clicks publish — without AgentPKI, then with it.

Today — without provenance

  1. 10:14 AM Sarah publishes. Total verified-original count: 1.
  2. 11:30 AM An AI scraping farm in Bangalore mirrors the article. They run Claude to paraphrase three paragraphs and swap the byline. Online versions: 2.
  3. 12:45 PM Three more farms across two continents do the same. Online versions: 5. None look cryptographically different from the original.
  4. 2:00 PM Reddit picks up one of the clones. It gets 8,000 upvotes. Sarah's original gets 200.
  5. 4:30 PM Google's search results show the Reddit-favored clone above Sarah's piece. AI Overviews summarize from the clone.
  6. Day 7 Sarah's name has been associated with 4 articles she didn't write. The healthcare company her piece exposed sues one of the AI-generated clones, naming Sarah as a defendant.

The original loses to clones because nothing distinguishes them. Sarah's brand becomes provably unprovable.

With AgentPKI Provenance

  1. 10:14 AM Sarah publishes. Substack's CMS signs the article with an AgentPKI manifest at the moment of publication. Cryptographic signature, bound to the exact bytes.
  2. 11:30 AM The Bangalore farm mirrors and paraphrases. Their version has no valid signature. Some bytes are different — even if they kept the signature, it'd fail.
  3. 12:45 PM Search engines that respect provenance (Google, DuckDuckGo, Bing) demote unsigned content from suspicious domains and elevate the signed original.
  4. 2:00 PM Reddit and Bluesky display a green "verified author: sarahlin.substack.com" badge on Sarah's link. Unsigned clones get no badge or a "no provenance" warning.
  5. 4:30 PM Sarah's article ranks first. AI Overviews summarize her piece and attribute her by name.
  6. Day 7 When the healthcare company subpoenas Substack, the cryptographic chain settles the question in a single court declaration: Sarah authored bytes X at timestamp Y, immutable.

The original wins because the original is the only one anyone can verify. Sarah's brand stays Sarah's.

Sarah is a composite — but every step in the "today" column is happening to investigative journalists, Substack writers, photographers, and independent researchers in 2026.

Three steps for a publisher.

AgentPKI Provenance is a thin extension of C2PA, the Adobe/Microsoft/BBC content credentials standard. Existing C2PA tooling (Adobe Content Credentials, Truepic Lens) sees signed content and treats it normally. AgentPKI tooling adds the agent-attribution layer.

1

Mint a publisher passport

Substack, Reuters, Wikipedia, or you-as-a-self-publisher generate an Ed25519 keypair and register a tier-2 issuer at dashboard.agentpki.dev. One-time setup.

2

Sign at publication time

Your CMS adds one API call before publish. The article's bytes are hashed (SHA-256), the hash is bound to your passport, the signature is attached as a sidecar JSON, an HTTP header, or an inline comment.

3

Anyone verifies

Readers, search engines, browser extensions, court records all hit a stateless verifier (provenance.agentpki.dev, or any verifier — open spec, no lock-in). They get back: "yes, Substack-authored at 10:14 AM, sha256 matches."

Hands-on

Try signing a piece of content right now.

Paste any text into the Provenance Explorer. We mint a publisher passport, sign your content, give you back a manifest and HTTP header. Then we let you tamper with the content and watch verification fail. Same code that will run when Substack deploys this.

Open Provenance Explorer Read the spec

Who we want to work with first.

We're talking to publishers who would deploy AgentPKI Provenance as a reference integration — and become the case study every other publisher reads when deciding whether to adopt. We bring the protocol, the verifier, and the engineering integration support; you bring the editorial credibility.

Talk to Founder

Personal reply from Founder within 48 hours. Tell us a bit about you — what you're building, what you'd want from AgentPKI, anything you want to push back on.

By submitting, you agree we can email you back. We don't share leads, ever.