Sign Your Content with C2PA Credentials
Content credentials are cryptographic signatures that permanently link your identity to your creative work. Once signed, anyone can verify that you created the content and that it hasn't been tampered with.
What Content Credentials Include
Content Hash
SHA-256 fingerprint of your content
Creator Identity
Your DID and public key
Timestamp
When the content was signed
Cryptographic Signature
Ed25519 digital signature
How to Sign Content
Go to Credentials Settings
Navigate to Settings → Credentials in your dashboard. This is where you'll manage all your content credentials.
Tip: You can also access this directly at xcr.sh/settings/credentials
Upload Your Content
Click the upload area to select your file. We support images, videos, audio, PDFs, and documents.
Drop your file here or click to browse
Add Metadata
Fill in the details about your content:
Title
Give your content a descriptive name
AI Disclosure
Mark if content was AI-generated and which tool was used
Training Permissions
Set whether your content can be used for AI training
Enter Your Password
Your password is required to unlock your private key and create the cryptographic signature. This ensures only you can sign content.
Your password never leaves your device
We use client-side decryption. Your password is only used locally to unlock your private key.
Sign & Share
Click "Sign Content" to create your credential. You'll receive a unique content hash that anyone can use to verify your content.
Your verification URL:
https://xcr.sh/verify?hash=e3b0c44298fc1c149afbf4c8...Important to Know
Credentials are permanent. Once signed, the credential cannot be modified or deleted. Make sure your metadata is correct.
The hash is content-specific. Any modification to the file (even a single byte) will produce a different hash.
Your private key is secure. It's encrypted with your password and stored safely. We never have access to it.