Media Origin Receipt™ · M.O.R. · the proof layer for media provenance

AI media needs receipts, not guesses.

A Media Origin Receipt™ is an independent, signed, ledger-anchored record of where a piece of media came from — the model, the prompt, the source assets, the edits, the credentials, the attestations, and the rights that traveled with it.

It covers human, AI, and hybrid media in one primitive. Not a detector's opinion. Not self-declared metadata anyone can strip. A receipt you — and the people who receive your media — can verify against an independent ledger.

What M.O.R. does not do: it does not prove truth from pixels alone, and Hive does not issue or certify C2PA / Content Credentials. M.O.R. binds and independently records the origin evidence and claims that accompany an asset — including watermark and detector outputs as signals, not verdicts — and grades how strongly that evidence can be checked. Origin is recorded and classified, not adjudicated.
The ladder · a media asset becomes a trust bundle
01 · the asset
Media asset
An image, video, audio clip, 3D asset, sensor capture, or publication asset.
02 · what came with it
Origin evidence
Model ID, prompt hash, source assets, edit chain, C2PA, signals, attestation, rights.
03 · the receipt
Media Origin Receipt™
Evidence + claims bound into one signed, classified, tamper-evident receipt.
04 · the record
Hive Ledger
The independent, offline-verifiable record the receipt is anchored in.
05 · at scale
R3Pv / Protected Flow
Receipts grouped into proof vectors and policy-bound flows across a pipeline.
06 · capitalized
Proof Credit / trust bundle
Provenance posture read as exportable evidence for buyers, platforms, and insurers.
The wedge · why the existing tools fall short

Detection guesses. Metadata is self-declared. M.O.R. is a receipt.

Each existing approach answers a narrower question, and each has a failure mode that shows up exactly when it matters. A Media Origin Receipt is not a replacement for any single signal — it is the independent record that carries all of them, plus the claims and attestations, into something a third party can verify.

Detection / classifier Metadata (EXIF, self-declared) Watermark Media Origin Receipt™
What it is A model guessing "AI or not" from the pixels. Fields the creator or tool wrote into the file. A pattern the generator embedded in the output. A signed record of the origin evidence and claims that came with the asset.
Independent of the creator? Partly — but it is still a guess. No — the seller vouching for the seller. Only if the issuer is trusted & intact. Yes — independently anchored on the Hive Ledger.
Survives editing / re-encoding? Degrades fast with edits. No — trivially stripped. Often broken by crops, filters, re-encodes. Records the edit chain instead of relying on survival.
Covers human + AI + hybrid? No — binary AI/not framing. Whatever was declared, if anything. No — generator-side only. Yes — one primitive for all three.
Verifiable by a third party? No — not reproducible. Only as far as you trust the writer. Needs the issuer's detector. Yes — check the receipt against the ledger.
Failure mode False positives / negatives, no audit trail. Silent, undetectable removal or forgery. Absent, stripped, or unreadable downstream. Honest gaps: it says what evidence is missing.
C2PA says what the file claims. M.O.R. says what an independent proof-state can verify now. Content Credentials travel inside the asset — and metadata can be stripped, lost in a re-encode, or edited. A Media Origin Receipt is an external current-state record: it stays queryable by identifiers (hashes, DIDs, asset IDs) even after the file's own metadata is gone. M.O.R. carries C2PA as evidence; it does not issue or certify it — Hive is not a C2PA authority. Detector and watermark outputs are recorded as signals, not verdicts.
The builder · turn origin evidence into a sample receipt

Build a Media Origin Receipt for your asset.

Pick the media type, state the origin claim, and toggle the evidence you actually have. The receipt below classifies the origin, grades how independently the evidence can be checked, and names the proof gaps — mechanically, from your inputs.

What is being claimed about how the media was made. M.O.R. records the claim and the evidence separately.
Verifiable markers can support independent verification; the others are recorded as claims or signals.
Rights / consent claimed for the asset. For voice & likeness, Consented records a consent reference — it does not verify consent.
M.O.R. is state-bearing: a receipt can carry an open or resolved origin/rights dispute without rewriting history.
Free-text context bound into the sample receipt as a hashed reference field. Do not paste secrets — this stays in your browser.
Media Origin Receipt · your asset
Live preview
Origin classification
The claim and the evidence, recorded side by side.
Evidence strength
Evidence tier
Evidence recorded on this receipt
Missing proof · gaps to close
What this receipt is — and is not
Request activation key →
example media-origin-receipt · downloaded above

        
Example library · real receipt shapes

Eight media cases, one receipt shape.

Each card loads a worked example into the builder above — modality, origin claim, evidence set, rights, and dispute state pre-filled — so you can see the receipt M.O.R. would record for that case. Click a card, then read the classification, gaps, and JSON it produces.

Try the API · issue and verify from the shell

Receipts are an endpoint, not a screenshot.

The receipt backend is live today. Health and a signed sample receipt return real envelopes right now; the M.O.R.-specific issue route is a labelled fast-follow. Pick a call, copy it, run it.

Backend health Live
Returns a real status envelope — manifest, replay DB, audit chain, capability graph.
curl -sS https://receipts.thehiveryiq.com/health
Benchmark · measured, not marketed

What the backend actually returns.

A local smoke run against the live endpoints. These are wall-clock round-trips from a single client — a health check, not a production SLA — but every number below is measured, not invented. Reproduce it with bash scripts/mor_smoke.sh.

Local smoke — receipts.thehiveryiq.com
run 2026-07-08T09:55Z · n=3/endpoint · median of total round-trip
Endpoint
Status
Median
Note
GET /health
200
~148 ms
envelope ok
GET /v1/governance/health
200
~121 ms
signer live
GET /v1/governance/sample-receipt
200
~128 ms
Ed25519 signed
POST /v1/media-origin
404
fast-follow
Local smoke — not a production benchmark. Latency includes network from the test client and cold-start variance; treat it as a liveness signal. The M.O.R. issue route returns 404 today by design — it is not yet deployed, and the site never fakes its envelope. Re-run bash scripts/mor_smoke.sh for fresh numbers.
View example receipt
Where M.O.R. becomes a market

One receipt, many provenance markets.

M.O.R. is horizontal — it reads whatever origin evidence a media pipeline already produces. The wedge differs by who is asking for proof on the other side.

Newsrooms · publishers
Publication-asset provenance
Every photo, clip, and graphic ships with a receipt an editor, wire service, or reader can check — origin recorded before publication, not litigated after.
NewsShield →
Studios · agencies · stock
Human, AI & hybrid rights proof
Bind model, source assets, edit chain, and rights boundary to each deliverable — a verifiable provenance tier buyers and platforms can trust.
Media provenance →
Expert-data · evals
Human-origin dataset attestation
Pair M.O.R. with OriginProof so every human-authored asset in a dataset carries independent origin attestation, not floating metadata.
OriginProof →
Robotics · autonomy
Sensor-capture chain of custody
Camera, lidar, and audio captures receipted at the edge — origin and edit chain preserved for incident review, audit, and insurers.
Machines →
Platforms · marketplaces
Upload-time origin receipts
Accept a receipt at upload instead of running a fragile detector after the fact — provenance carried with the asset across your boundary.
Receipt Relay →
Regulated & legal
Evidence-grade media exhibits
Media entered as evidence carries a signed origin record examiners and courts can verify offline — provenance backed by signatures, not screenshots.
Assurance →
Why this is the proof layer for the media era

Provenance you record, not provenance you argue.

Record at creation, not after the fact

The cheapest moment to capture origin is when the media is made. M.O.R. binds the evidence then, so provenance is a lookup later — not a forensic reconstruction.

Honest about what it doesn't know

A receipt that names its own gaps is worth more than a detector that projects false confidence. M.O.R. grades evidence and lists what is missing.

One primitive, every media type

Image, video, audio, 3D, sensor, and publication assets all resolve to the same signed receipt — verifiable against one independent ledger.

Where this fits · the primitive stack

Built on primitives that already ship.

M.O.R. invents no new trust. It records the origin evidence a media pipeline produces and anchors it in the same proof layer as the rest of Hive.

Explore the stack: OriginProof (human-origin attestation), Hive Ledger, Receipt Relay, R3Pv benchmark, Protected Flow Fleets, Proof Credit, media provenance, and Assurance. Verify any receipt at /verify/. Read the thinking: human-origin attestation and logs vs. receipts.