MEDIA PROVENANCE · Live since 2026-05-08

Synthetic media will out-pace human content in 2026. NewsShield gives every real asset a post-quantum birth certificate that survives any forge.

Generative-AI video reaches feature-film realism this year and projected deepfake-driven fraud crosses $40B in annual losses by 2027. EU AI Act Article 50 makes AI-content disclosure and watermarking mandatory in August 2026 with non-compliance penalties up to EUR 15M or 3% of global revenue. NewsShield is the receipt rail underneath the trusted-news distribution graph: every state in a media asset’s lifecycle — capture, ingest, edit, fact_check, publish, syndicate, embed, takedown — bound to a dual-signed (Ed25519 + ML-DSA-65) post-quantum-ready envelope that newsrooms, wire services, broadcasters, and platforms verify offline. C2PA 2.1 compatible. Ed25519 alone falls to a quantum adversary; NIST FIPS 204 (ML-DSA) does not. Per asset: $0.05 per image, $0.25 per video.

Reach Steve See a verification

capture→ingest→edit→fact_check→publish→syndicate→embed→takedown

The ROI on a single newsroom’s daily wire

NewsShield ingests events from any camera firmware, NLE / DAW plugin, DAM ingest pipeline, CMS publish hook, or syndication gateway already in place. Every lifecycle transition becomes a dual-signed receipt with a chain pointer to its predecessor. The numbers a Head of News Technology or a Director of Trust & Safety presents to the board are these.

Deepfake fraud loss

$40B+ by 2027

Projected annual deepfake-driven fraud losses per Deloitte’s Center for Financial Services. Verifiable provenance is the pull defense — trusted assets carry signed origin; the rest is denied the benefit of the doubt by default.

EU AI Act Article 50

Aug 2026

Watermarking and AI-content disclosure mandatory under Article 50 of the EU AI Act. Non-compliance: up to EUR 15M or 3% of global annual turnover, whichever is higher. NewsShield’s tamper-evident disclosure binding lands inside that deadline.

Per-asset cost

$0.05 — $0.50

$0.05 / image and $0.25 / video Standard; $0.10 / image and $0.50 / video Cosmic (extended C2PA + AI-content disclosure). A newsroom publishing 5,000 assets / day runs $250–$1,250 / day, or roughly $90K–$450K / year — against a $2M flat platform license for unlimited.

AP daily volume

~3,000 photos / day

The Associated Press distributes roughly 3,000 photos and 500 videos per day to member outlets per AP’s about page, with the AP Content Authenticity program already running on C2PA. At Cosmic rates, full daily coverage is on the order of $250K–$400K / year.

C2PA-only failure mode

Ed25519 falls

The C2PA 2.1 specification defaults to classical signatures. NewsShield adds ML-DSA-65 per NIST FIPS 204, so the same provenance stamp survives a quantum-capable adversary. Existing CAI tooling keeps the editor workflow.

Time to integrate

< 1 week

Drop the SDK in your camera firmware, NLE plugin (Adobe Premiere, Avid, DaVinci Resolve, Final Cut), DAM, or CMS publish hook. No data-model changes. The existing Content Authenticity Initiative Inspect button keeps working.

A wire service running roughly one million captioned photos and 200,000 videos a year spends on the order of $100K–$200K / year on receipts at the Standard tier — against a single fabricated-photo retraction event that already costs an outlet seven to eight figures in legal exposure, advertiser flight, and editorial credibility. The unit math defends itself.

Contents

Receipt rail, not a deepfake detector
A $50M deepfake earnings-call rejected in 90 seconds
Live verification — what a verifier sees
Standards — what NewsShield adds
3-step integration path
The 11 MCP tools
The asset envelope
What this is not
Pricing
Field map

For newsrooms, wire services, and platforms

NewsShield is a horizontal cryptographic-evidence layer extending C2PA Content Credentials with post-quantum assurance — not a replacement for Adobe’s Content Authenticity Initiative, Truepic, or Reality Defender. CAI tooling owns the editor workflow and the Inspect button. NewsShield owns the cryptographic durability that survives quantum-capable adversaries and large-scale provenance forgery: the same Inspect button, with a second signature underneath that still verifies in 2046. The Associated Press, Reuters, BBC, NYT, WaPo, Bloomberg, AFP, YouTube, TikTok, Meta, and X keep the C2PA stack they already have and bind it to a tamper-evident chain that any verifier resolves offline.

Receipt rail, not a deepfake detector

Deepfake-detection vendors look at the pixels and guess. Watermarking schemes mark the synthetic content and hope the watermark survives. NewsShield does neither. It produces the cryptographically-anchored receipt that proves a real asset is real — from the camera body that captured it, through every editor, fact-checker, and publisher that touched it, to the platform that embedded it. That separation is the point.

LAYER 3

Editor workflow, deepfake detection, watermarking — Adobe Content Authenticity Initiative, Truepic, Reality Defender, Deeptrace, Sony Camera Authenticity Solution, Canon Content Credentials, Premiere, Avid, DaVinci Resolve, Final Cut, CMS / DAM. Capture, edit, ingest, classification, model-side disclosure.

LAYER 2

NewsShield receipt rail. Dual-signed lifecycle receipts — capture, ingest, edit, fact_check, publish, syndicate, embed, takedown — aligned to C2PA 2.1, EU AI Act Article 50, NIST FIPS 204 / 203, W3C Verifiable Credentials, IPTC PhotoMetadata, ASTP / EO 14110, ISO/IEC 27037.

LAYER 1

Base 8453 anchoring · Ed25519 (RFC 8032) + ML-DSA-65 (NIST FIPS 204) · USDC settlement via x402 · CBOR-canonical envelopes.

Every newsroom, wire service, broadcaster, and platform produces the same kind of evidence under different vendor names. The evidence is platform-neutral — that is what makes it defensible to a regulator under the EU AI Act, to a litigator under ISO/IEC 27037 digital-evidence handling, or to a verifier with no network access.

How NewsShield kills a $50M deepfake earnings-call manipulation in 90 seconds

A specific, narrated example. A synthetic CFO video drops on social at 09:31 ET claiming a guidance update is being walked back. Bloomberg Terminal quotes spike on velocity-trigger algos. The real earnings call ran at 09:00 ET and is already on tape. The clock is the only thing that matters now.

Capture. The earnings-call camera body fires newsshield_capture_attest at 09:00:04 ET. Receipt binds asset_id, capture DID (camera body / mic array), media SHA-256, C2PA manifest hash, and ai_content_disclosure: false. Dual signatures applied. Anchor on Base 8453.

Edit → fact_check. Producer’s NLE fires newsshield_edit_attest with editor DID, edit decision list hash, and chain pointer. Standards desk fact-checks the clip and the chain pointer threads forward; no orphan edits.

Publish. CMS fires newsshield_publish_attest with publisher DID and chain pointer to the edit. The signed asset goes to the wire at 09:18 ET with a CAI-compatible Content Credentials manifest carrying both Ed25519 and ML-DSA-65 signatures.

Synthetic clip drops at 09:31 ET. Velocity-trigger algos hit. Bloomberg Terminal lights up. The synthetic clip carries no NewsShield envelope — no capture DID, no chain, no signatures — and no valid C2PA manifest from the issuer the publisher key authorities trust.

Platform verifier rejects in 90 seconds. YouTube / TikTok / Meta / X verifiers run newsshield_chain_verify against the genuine clip; Ed25519 + ML-DSA-65 verify, chain reconciles to the camera capture, ORIGIN: ASSOCIATED PRESS stamp lights green. The synthetic clip fails verification and is throttled by the trust-and-safety queue.

Stock reverts. Investors see signed real, ignore unsigned fake. The fabricator does not get the $50M move. Same chain answers a future SEC inquiry, EU AI Act Article 50 audit, and any litigation discovery without re-collection — the receipt is the evidence.

Live verification — what a verifier sees

The envelope is CBOR-canonical and verifies offline against the issuer’s published public keys — no Hive call required at verification time. The panel below is the same shape every browser extension, social-platform verifier, broadcast partner, or court-admissible inspection tool renders.

newsshield_chain_verify · asset_id = 01J5K-NS-ASSET-9F7C2A VERIFIED

// CBOR-canonical media-asset lifecycle envelope, JSON-rendered { "asset_id": "01J5K-NS-ASSET-9F7C2A", "asset_kind": "video", "capture_did": "did:hive:camera:0xa19c…7d41", "editor_did": "did:hive:editor:0x88f3…c104", "publisher_did": "did:hive:publisher:ap:0x4e21…b8c0", "c2pa_manifest_hash": "sha256:9b2f7c…a14d", "media_hash": "sha256:71d3ea…ff04", "ai_content_disclosure": false, "published_at": "2026-05-08T09:18:42Z", "prior_attestation_id": "01J5K-NS-EDIT-7F2A91", "chain_length": 5, "sig_ed25519": "4c7d…e211", // RFC 8032 "sig_mldsa65": "f9a1…3d04" // NIST FIPS 204 }

[ok] Ed25519 signature valid · issuer key fingerprint k1:8c2a…

[ok] ML-DSA-65 signature valid · issuer key fingerprint kq:b71d…

[ok] Chain reconciled · 5 / 5 lifecycle states verified offline (capture → publish) · ORIGIN: ASSOCIATED PRESS

[ok] C2PA 2.1 manifest hash matches · ai_content_disclosure flag bound · EU AI Act Article 50 disclosure satisfied

That panel is the entire product surface a platform verifier or a court needs. No demo. No login. The evidence is its own proof, and the proof works in fifty years on a laptop with no internet.

Standards — what NewsShield adds

Every existing media-provenance standard answers a different question. NewsShield does not replace any of them — it adds the cryptographic binding that makes each one defensible after the fact, including against quantum-capable adversaries.

Standard	Coverage	What NewsShield adds
C2PA 2.1	Content Credentials manifest, claim generator chain, ingredient assertions	ML-DSA-65 post-quantum signature alongside the C2PA manifest hash
EU AI Act Article 50	AI-content disclosure + watermarking, mandatory August 2026	Tamper-evident `ai_content_disclosure` binding for the Article 50 deadline
FIPS 204 (ML-DSA)	NIST post-quantum digital signature standard	Default dual-sign on every NewsShield receipt
FIPS 203 (ML-KEM)	NIST post-quantum key encapsulation standard	Optional encrypted-channel attestation for source-protection workflows
W3C Verifiable Credentials	Issuer / holder / verifier model	Newsroom-as-issuer credentialing under the `did:hive` method
ASTP / EO 14110	US AI safety + watermarking guidance	NIST-aligned watermark binding for US federal procurement
ISO/IEC 27037	Digital evidence identification, collection, preservation	Forensic-grade chain-of-custody for legal admissibility
IPTC PhotoMetadata	News photo metadata standard, XMP namespace	Receipt envelope rides inside the IPTC XMP namespace without breaking ingest
Adobe CAI	Content Authenticity Initiative tooling, Inspect button	NewsShield manifest is CAI-compatible — the same Inspect button works

3-step integration path

Drop the SDK in the camera firmware (Sony Camera Authenticity Solution, Canon Content Credentials), NLE plugin (Adobe Premiere, Avid, DaVinci Resolve, Final Cut), DAM ingest, or CMS publish hook. One sidecar per environment. No editorial workflow changes, no Inspect-button changes.

Fire newsshield_capture_attest, newsshield_edit_attest, and newsshield_publish_attest on each lifecycle transition. Add newsshield_syndicate_attest and newsshield_takedown_attest as those events occur. Chain pointers resolve automatically; the lifecycle thread builds itself from camera body to publish.

Verifiers (browser extension, social platform, broadcast partner, court) check the chain offline. The Inspect button shows full custody from camera to publish. Platforms reject unsigned synthetic content by default. EU AI Act Article 50 disclosure obligations resolve from the same chain without re-collection.

The 11 MCP tools

Tool	Purpose
`newsshield_capture_attest`	Attest a capture event with camera / mic DID and media hash.
`newsshield_edit_attest`	Attest an edit step with NLE / DAW DID and edit-decision-list hash.
`newsshield_publish_attest`	Attest a publish event with publisher DID and chain pointer to the edit.
`newsshield_syndicate_attest`	Attest a syndication event with chain pointer to the publish.
`newsshield_takedown_attest`	Attest a takedown with chain pointer to the publish.
`newsshield_asset_get`	Retrieve a stored asset envelope by id.
`newsshield_asset_verify`	Verify both signatures (Ed25519 + ML-DSA-65) on a stored asset.
`newsshield_chain_verify`	Verify the full lifecycle chain for an asset — capture through takedown.
`newsshield_by_publisher`	Paginated history by publisher DID.
`newsshield_pricing`	Read live pricing surface.
`newsshield_health`	Health probe.

Eleven tools, all live in production. Contact for MCP integration credentials and the full well-known manifest.

The asset envelope

Every newsshield_*_attest call returns an envelope containing asset id, asset kind (image / video / audio / document), capture DID, editor DID, publisher DID, C2PA 2.1 manifest hash, raw media SHA-256, an ai_content_disclosure boolean for EU AI Act Article 50, prior-attestation id, and dual signatures (Ed25519 + ML-DSA-65). The signatures bind every field. Any tamper attempt invalidates verification.

The envelope is CBOR-canonical. Verification works offline against the issuer’s published public keys. ML-DSA-65 (NIST FIPS 204) is the post-quantum signature; Ed25519 (RFC 8032) provides classical assurance. Both must verify for the receipt to be valid. Receipts remain valid through key rotation via signed key history, so a 2026 photo on the wire is still defensible in a 2046 archival inspection.

What this is not

Calibrated expectations are part of the product. NewsShield is narrow on purpose.

NOT

A deepfake-detection model. Pixel-level classification belongs to Truepic, Reality Defender, Deeptrace, and the platform trust-and-safety stacks.

NOT

A content-moderation tool. We do not score, rank, throttle, or remove content. Platforms moderate; NewsShield records.

NOT

A replacement for editorial judgment. The standards desk decides what runs; NewsShield records the lineage cryptographically.

NOT

A watermark on synthetic content. Marking AI output is the model vendor’s job under EU AI Act Article 50; NewsShield marks the real.

NOT

A C2PA replacement. The C2PA 2.1 manifest stays exactly where it is; NewsShield adds a second signature alongside it.

NOT

A CAI replacement. Adobe’s Content Authenticity Initiative editor tooling and Inspect button keep working unchanged.

The cryptographic provenance rail underneath the entire trusted-news distribution graph. Newsrooms, wire services, broadcasters, deepfake-detection vendors, social platforms, and CAI-aware editors all run cleaner with a dual-signed receipt under each lifecycle transition.

Pricing

Tier	Per image	Per video	Annual band
Standard	$0.05	$0.25	$50K — $1M
Cosmic (extended C2PA + AI disclosure)	$0.10	$0.50	$200K — $4M
Enterprise (newsroom-wide, unlimited)	flat	flat	$2M / year
Unlimited (single newsroom, all volumes)	flat	flat	$9,999 / month

Annual contracts $50K–$4M for per-asset metering; the $2M Enterprise platform license is flat for newsroom-wide unlimited and is the default fit for AP, Reuters, BBC, NYT, WaPo, Bloomberg, AFP. Custom integrations into camera firmware, NLE plugins, DAMs, and platform trust-and-safety pipelines are available at the Enterprise tier. Settlement: USDC on Base 8453 via x402. Treasury exists. Receipts settle in seconds; invoicing is monthly net-30 by default.

Field map

NewsShield binds every media-asset lifecycle transition to a dual-signed receipt that drops cleanly into existing C2PA 2.1, IPTC XMP, EU AI Act Article 50, and CAI Inspect pipelines. Each call accepts the correlation fields below; the envelope round-trips through standard JSON / CBOR transports via the Hive Receipt primitive.

Field	Format	Maps to
`asset_id`	UUID	Internal asset correlation id; C2PA manifest claim id; IPTC `DigitalSourceIdentifier`
`asset_kind`	enum	`image`, `video`, `audio`, `document`
`capture_did`	did:hive:camera:…	Camera body / microphone / sensor identity — Sony, Canon, Nikon, Leica, FUJIFILM, broadcast-camera DIDs
`editor_did`	did:hive:editor:…	NLE / DAW editor identity — Adobe Premiere, Avid Media Composer, DaVinci Resolve, Final Cut Pro
`publisher_did`	did:hive:publisher:…	Publisher organization — AP, Reuters, BBC, NYT, WaPo, Bloomberg, AFP, member outlet
`c2pa_manifest_hash`	sha256 hex	SHA-256 of the C2PA 2.1 Content Credentials manifest, including ingredient assertions
`media_hash`	sha256 hex	SHA-256 of the raw media payload — pixels, samples, frames as delivered
`ai_content_disclosure`	bool	EU AI Act Article 50 disclosure flag, tamper-evident
`prior_attestation_id`	UUID	Chain-of-custody pointer to the prior lifecycle event in this asset thread

Cross with HiveComply when EU AI Act, SOC 2, or ISO/IEC 27037 audits are in scope — HiveComply ingests NewsShield receipts natively. Cross with Atticus when a defamation or misinformation case escalates to litigation.

A real conversation, not a demo black hole

If you are a CTO, Head of News Technology, Standards lead, or Director of Trust & Safety who has already done the math on EU AI Act exposure and the cost of a single fabricated-photo retraction, the fastest path is a direct note. No qualification gate, no SDR. Steve reads them.

Reach Steve See a verification

Live since 2026-05-08 · 11 MCP tools · C2PA 2.1 / EU AI Act Article 50 / FIPS 204 / W3C VC / IPTC / Adobe CAI compatible · Dual-signed (Ed25519 + ML-DSA-65) · Settles USDC on Base 8453

Frequently asked

Questions buyers actually ask

What does NewsShield attest?

Every media asset state — capture, ingest, edit, fact_check, publish, syndicate, embed, takedown — is bound to a dual-signed (Ed25519 + ML-DSA-65) post-quantum-ready receipt that any party can verify offline.

How does NewsShield work with C2PA?

NewsShield is C2PA 2.1 compatible. The C2PA manifest carries the dual signatures alongside its native claims, so any C2PA-aware verifier sees the post-quantum binding without modification.

Why post-quantum signatures for media?

Synthetic media will out-pace human content in 2026. A purely classical signature on a real asset is brittle against future cryptographic attack. ML-DSA-65 (NIST FIPS 204) keeps the provenance valid past the quantum-relevant horizon.

What does each receipt cost?

$0.05 per image-grade media provenance receipt. Annual contract pricing available for newsrooms and content networks. Settlement is in USDC on Base 8453 via x402.

How are signatures verified?

ML-DSA-65 (NIST FIPS 204) is the post-quantum signature; Ed25519 (RFC 8032) provides classical assurance. Both must verify for the receipt to be valid. Verification works offline against the issuer's published public keys.

Is NewsShield a watermark?

No. Watermarks are removable and forgeable. NewsShield is a cryptographic envelope bound to the asset hash, signed twice, anchored to the publisher's DID.

Hive runs the receipt rail underneath the broader A2A · agent-to-agent commerce category.