Divine Inquisitor C2PA verification for human-made media
Public receipts for provenance

Human-made media needs receipts.

Divine Inquisitor checks C2PA content credentials so you can see whether a file carries real provenance, who signed it, and what the verification run actually found. No pitch-deck fog. No slop-friendly shrugging.

Check files or URLs Run the same `POST /verify` flow the service exposes to builders.
See the signer Get the verdict, issuer details, validation state, and raw response without leaving the page.
Keep it human Use provenance checks to understand what was signed, what was captured, and what still looks suspicious.

What the service does

Inquisitor reads C2PA content credentials and turns them into something you can use: a verdict, signer data, validation results, captured metadata, ingredient references, and a timestamped response you can pipe into your own systems.

This page is story first, lab second, docs third on purpose. People should understand why provenance matters before we throw them into a wall of fields. Builders still get the full contract below. We are not hiding the sharp edges. We are just introducing them like adults.

The live lab uses the same route your app would hit. The result view stays balanced on purpose: clear verdict up top, the important provenance and validation panels already open, and the deeper forensic trail a click away.

What it checks Manifest presence, validation state, signature information, proof mode detection, capture details, actions, assertions, and ingredients.
What it does not do It does not magically bless a file as morally pure. It tells you what provenance data exists and whether the cryptographic checks held up.

Live verification lab

Upload bytes or point the service at a public asset URL. Both paths hit the same verifier. The result surface stays readable first and honest second.

Drop a file to verify Images, video, audio, or PDF. Click to browse if dragging is not your thing.

Binary mode sends `application/octet-stream` and sets `X-Mime-Type` from the selected file or extension guess.

URL mode sends JSON to `POST /verify`. If MIME type is empty, the backend falls back to its default and URL inference rules.

Checking the credentials

The verifier is running. If this is URL mode, the service is fetching up to its configured range window before inspection.

Run a check and the result lands here.

You will get a human-readable verdict first, then open provenance and validation panels, then the deeper sections like assertions, ingredients, content hash, and raw JSON.

Quickstart

Use the public service in one of two ways: send raw bytes, or send a JSON body with a URL. The same response schema comes back either way.

Binary upload

Post raw bytes

Use this when you already have the file in-hand and want direct verification without any remote fetch step.

curl -X POST https://inquisitor.divine.video/verify \ -H "Content-Type: application/octet-stream" \ -H "X-Mime-Type: image/jpeg" \ --data-binary @asset.jpg
URL mode

Post a public URL

Use this when the asset is already published and the service can fetch it. You can supply `mime_type` when URL inference is not enough.

curl -X POST https://inquisitor.divine.video/verify \ -H "Content-Type: application/json" \ -d '{"url":"https://example.com/file.jpg","mime_type":"image/jpeg"}'

API reference

This is the working contract on the page, not a teaser. Builders should be able to wire the service up from here without opening another tab.

POST /verify

Verification endpoint

  • Accepts either raw bytes or JSON based on `Content-Type`.
  • `application/octet-stream` expects raw bytes and reads `X-Mime-Type` plus optional `X-Content-Hash`.
  • `application/json` expects `{ "url": "...", "mime_type": "..." }`.
  • Returns a `VerifyResponse` JSON body either way.
GET /health

Health metadata

Returns a small JSON payload with service name, status, version, and optional git SHA. Good for service checks and quick diagnostics.

curl https://inquisitor.divine.video/health
GET /metrics

Prometheus scrape

Returns Prometheus-formatted metrics from the running process, including verification request counters.

curl https://inquisitor.divine.video/metrics
Headers

Request details that matter

  • `Content-Type: application/octet-stream` for raw bytes.
  • `Content-Type: application/json` for URL mode.
  • `X-Mime-Type` should match the asset class when posting bytes.
  • `X-Content-Hash` is optional and enforces a SHA-256 content hash match.

Response fields

`VerifyResponse` keeps the top-level answer simple and the deeper data explicit. These are the fields the live lab is rendering.

`has_c2pa` / `valid` / `validation_state`

The high-level outcome. `validation_state` reflects the verifier state directly, while `valid` answers the blunt question fast.

`signer` / `claim_generator`

Human-friendly identity and claim generator hints from the active manifest.

`is_proofmode`

Heuristic flag for ProofMode-generated content based on claim generator text or assertion labels.

`capture_device` / `capture_time`

EXIF-derived capture details when the manifest exposes them.

`signature_info`

Issuer, serial number, signing time, algorithm, and revocation status when signature metadata is available.

`actions` / `assertions` / `ingredients`

The manifest trail: action labels, raw assertion labels, and ingredient references from the active manifest.

`validation_results`

Counts for passed and failed checks plus failure codes when validation details are available.

`content_hash` / `verified_at`

The SHA-256 hash the service computed and the timestamp for when verification was performed.

`error`

Transport, parsing, or verification error message when the run does not produce a normal inspection result.

Operational notes

These are the defaults the current service starts with. If you rely on them in automation, keep your deployment env vars in sync with what you document.

Body size limit: 100 MB The app layer and request body limiter are both configured around the same maximum request size.
URL fetch window: 2 MiB URL mode uses range fetch behavior and does not blindly download the entire remote object by default.
Request timeout: 30 seconds Remote URL verification uses the service HTTP client timeout.
Asset classes Current UI supports images, video, audio, and PDF. The verifier renders the MIME type you provide or infer.
Service probes `GET /livez` and `GET /readyz` are probe endpoints. `GET /health` is for basic status metadata, and `GET /metrics` is for scraping.