PoG (Proof-of-Generation) : Open Source Privacy-First AI Media Watermarking Provenance Registry

PoG is a lightweight, permissionless blockchain registry for AI-generated images/videos on Base L2 (~$0.001/tx). Records immutable metadata (tool, model, timestamp, pipeline, derivations) via events. Pairs with invisible watermarking for detection hints (not foolproof— but raises bar for most bad actors).

Simple Analogy (Layman's explanation):

PoG is an open‑source, privacy‑first provenance registry that lets AI tools cheaply log when and how images or videos were generated on-chain without revealing user identities. Think of it like public receipts for AI media: every time a generator creates an image or video, PoG issues a cryptographic “receipt” that anyone can later check, without exposing the buyer’s name or the contents of the receipt itself.

Deployed Contract: 0xf0D814C2Ff842C695fCd6814Fa8776bEf70814F3 (Base Mainnet, v2).

Table of Contents

• Problem Statement
• Quick Start
• Features
• Installation & Usage
• Testing
• Limitations & Warnings
• Adoption Guide
• Roadmap
• Contributing
• License

Problem Statement

The Problem we are solving

Every day millions of AI images and videos are created. Most of them look completely real. Today there is no easy, open, trustworthy way to answer:

• Was this made by AI or by a human?
• Which tool and settings were used?
• Was it edited later?
• Can the creator prove they made it first?
• Can the creator still stay anonymous?
• Is it possible to do this at an extremely low cost?

Big companies have closed solutions. Open-source had nothing that actually works today.

Advantages vs Everything Else

	PoG v2 (us)	C2PA (Adobe etc.)	Closed commercial tools
Open source	Yes	Partially	No
Works today	Yes	Mostly future	Yes (paid)
Costs ~$0.001 or less	Yes	Free (metadata only)	Expensive
Survives metadata strip	Yes (watermark + hash)	No (metadata easy to remove)	Sometimes
Privacy (no raw files)	100 %	100 %	Varies
Anyone can verify	Drag & drop	Needs special tools	Needs their app

Quick Start

Deploy (Done)

One-click verifiable AI images & videos — watermark + on-chain receipt for ~$0.001
Live contract: 0xf0D814C2Ff842C695fCd6814Fa8776bEf70814F3

Try the Gasless Demo (Free Forever)

Test PoG without a wallet — we pay the gas!

• Live Demo: https://pog.lzzo.net — Drop AI image → watermark + register free
• Features: Dark mode, optional download, real on-chain tx, instant verification
• Source: pog-gasless-demo repo
• Help keep it free: Send Base ETH to 0x97D240c4E2aad5601402726d676ee3Fe2E97EfA6 or Buy me a coffee

Strong = watermarked + tool-signed + on-chain
Medium/Weak = someone paid to claim it (still evidence)

For Web / React / Next.js / OpenAI Plugin Developers (30-second integration)

npx openapi-generator-cli generate -i https://raw.githubusercontent.com/TamTunnel/PoG/main/spec/pog-v2.openapi.yaml -g typescript-fetch -o src/pog-client

• Perfect TypeScript client with full types & docs
• OpenAPI spec

For Python / ComfyUI / A1111 / InvokeAI Developers (5 lines)

from pog_client import PoGClient
client = PoGClient(private_key=os.getenv("PRIVATE_KEY"))
tx = client.register("output.png", tool="ComfyUI", prompt="cyber cat")
print(f"https://basescan.org/tx/{tx}")

Verify any image (drag & drop)

python verifier/pog_verifier.py image.png
# → Strong / Medium / Weak / None + full provenance

• Full Spec: pog-v2.json — Event schema, hashes, attester rules for re-implementations.
• Watermark + Register in 5 lines: docs/watermark-integration.md
• Web / OpenAI plugin devs → use the OpenAPI spec: pog-v2.openapi.yaml (auto-generated SDKs)

Register (Generators)

git clone https://github.com/[yourusername]/PoG
cd python-client
pip install -r requirements.txt
export PRIVATE_KEY=0xYourWalletPrivateKey  # From Coinbase; secure!
python pog_client.py path/to/image.png --prompt "A cat in space" --tool ComfyUI --model Flux

Outputs tx hash. Check Basescan Events for Generated log.

Verify (Users)

cd ../verifier
pip install -r requirements.txt
python pog_verifier.py path/to/image.png

JSON with tiered signal (e.g., "Strong: Watermarked AI, PoG match").

Features

• Dual Hashes: Exact keccak(bytes) + perceptual (pHash for compress/crop).
• Derivations: parentHash for edits.
• Pipelines: Multi-tool (e.g., "ComfyUI:Flux|Runway:Edit").
• Attesters: Optional ECDSA sigs from tools.
• Batch: For videos.
• Tiered Detection: Strong/Medium/Weak/None.
• Privacy: Hashes only—no PII.
• Versioned: v2 events; extensible.
• Tool attesters → Strong tier: docs/attesters.md
• OpenAPI plugin spec - pog-v2.openapi.yaml (auto-generated SDKs)
• Creator anonymity: The on-chain receipt shows only a random Ethereum wallet address — no name, email, or IP. You stay 100 % pseudonymous while proving creation. (Tools can optionally sign for "Strong" trust without revealing you.) Note: Gas-less mode shows only the relayer wallet address, so the creator's wallet address is not linked at all - making this completely anonymous

Installation & Usage

Python 3.10+. Base wallet with ETH.

Client

from pog_client import PoGClient
client = PoGClient(private_key=os.getenv('PRIVATE_KEY'))
tx = client.register('image.png', tool='ComfyUI', prompt='A cat')
print(f"https://basescan.org/tx/{tx}")

Verifier

python pog_verifier.py image.png

Testing

pip install pytest pytest python-client/tests/ -v pytest verifier/tests/ -v

Limitations & Warnings

Proves claims, not truth (evadable by attacks). User pays gas (~$0.001/tx). Pseudonymous; hash prompts only.

Adoption Guide

See docs/adoption-guide.md.

Roadmap

• Gasless relayer (zero user cost): docs/gasless.md ← Q1 2026
• Threat model & honesty: docs/threat-model.md
• Multi-chain + ZK proofs: 2026–2027

Contributing

Fork → PR to main. Conventional commits.

License

Apache 2.0 © 2025 [TamTunnel]. See LICENSE.