If you've seen "Made with AI" labels on Instagram or LinkedIn, you've seen C2PA in action. But what exactly is C2PA, how does it work, and what does it mean for creators?
What is C2PA?
C2PA stands for Coalition for Content Provenance and Authenticity. It's an open technical standard developed by Adobe, Microsoft, Google, Intel, BBC, and others to embed verifiable provenance information into digital media files.
In plain terms: C2PA is a digital certificate baked into an image file that says "this image was created by [tool X] at [time Y] by [account Z]." It's cryptographically signed, so it can't be forged — only stripped.
How does C2PA work technically?
C2PA data is stored in a JUMBF (JPEG Universal Metadata Box Format) container embedded in the image file. It contains:
- Assertions — Claims about how the content was created (e.g., "generated by DALL-E 3")
- Signature — A cryptographic signature from the creator's certificate chain
- Manifest — A container linking assertions and signatures together
- Ingredient references — Links to source materials if the image was derived from others
When a platform like Instagram receives an image, it reads the JUMBF container, validates the signature chain, and displays the provenance information to users.
Which AI tools embed C2PA?
- OpenAI (DALL-E 3, GPT-4o images) — Full C2PA with OpenAI signature
- Adobe Firefly — Comprehensive CAI/C2PA implementation
- Google Gemini — C2PA plus SynthID pixel watermark
- Midjourney — C2PA added in late 2024
- Leonardo.Ai — Recent versions include C2PA
- Stable Diffusion — Not natively, but some platforms add it
Can C2PA be removed?
Yes. C2PA is metadata — it lives in the file container, not in the pixel data. Re-encoding the image through an HTML Canvas, or using a dedicated tool like okie.fun's AI Strip, removes the JUMBF container entirely. The resulting image has no provenance data.
This is different from pixel-level watermarks like SynthID, which survive metadata stripping.
Should you remove C2PA from your images?
It depends on your use case. If AI is just one tool in your creative workflow and the "Made with AI" label misrepresents your process, removing C2PA is a practical option. If you're publishing fully AI-generated content, consider whether transparency serves your audience.
okie.fun provides the tool — the choice is yours.