Inspiration

Upon seeing many creative works online being stolen with no way for owners to prove its theirs, we wanted to help solve that.

What it does

Imprint helps protect creative works from AI and bad actors using cryptography. Imprint is a decentralized proof-of-authorship platform that lets creators establish verifiable ownership of their work without uploading the files themselves. Imprint generates cryptographic fingerprints (SHA-256) for files you upload, then signs them with an Ed25519 keypair tied to your decentralized identity (DID). This creates a tamper-proof, timestamped record proving you possessed the work at a specific time.

Creators can also customize their certificate, whether they allow AI training, commercial use, derivatives, or require attribution. And for images, Imprint uses perceptual hashing (pHash) to detect compressed or slightly altered versions of your work during verification.

With Imprint, your files never leave your device, only fingerprints and signatures are stored, preserving complete privacy while enabling public verification.

How we built it

  • Frontend: Next.js with React and TypeScript for a responsive UI
  • Cryptography: The @noble library for client-side key generation, signing, and hashing
  • Perceptual Hashing: Custom DCT-based pHash implementation using HTML Canvas for image similarity detection
  • Backend: Next.js API routes with Prisma ORM connecting to Supabase (PostgreSQL)
  • Identity: DID:key format for self-sovereign, portable creator identities
  • Deployment: Multi-stage Docker build with docker-compose for containerized deployment

Challenges we ran into

  • Switching databases: Originally, we used SQLite, but decided to switch to Supabase to store the records online so they can be synced across devices.
  • Client-side cryptography: Implementing Ed25519 signing in the browser while ensuring deterministic canonical JSON serialization for consistent signatures across platforms
  • Perceptual hashing accuracy: Tuning the DCT coefficients and Hamming distance threshold to catch compressed images without false positives
  • Database migration: Moving from a local database to Supabase while maintaining data integrity and updating the Prisma adapter
  • Dependency conflicts: Resolving compatibility issues between Next.js 16, React 19, and various cryptographic libraries

Accomplishments that we're proud of

  • True privacy preservation: Files never leave the user's device; only cryptographic proofs are stored
  • Dual-hash verification: Combining exact SHA-256 matching with perceptual hashing catches both identical files and visually similar variants
  • Self-sovereign identity: Users control their own Ed25519 keypairs with no platform lock-in
  • Complete verifiability: Anyone can verify a record using just the public key and original file, no trust in our platform required

What we learned

  • How to implement Ed25519 digital signatures and DID:key identifiers from scratch
  • The mathematics behind DCT-based perceptual hashing and Hamming distance similarity
  • Designing privacy-first architectures where sensitive operations happen client-side
  • Building canonical JSON serialization for deterministic cryptographic payloads
  • The vast possibilities of using cryptography to protect whats important.

What's next for Imprint

  • TBD

Built With

Share this project:

Updates