Invisible digital stamps for protecting creative work. Upload a file (images, documents, audio, video, etc.), register a cryptographic hash and RSA identity signature, optionally embed resilient image watermarks for photos, and verify authenticity later through multiple layers.
Why ProofStamp? (vs. Blockchain/NFT/Email-yourself)
Blockchain/NFTs are public, expensive, and require crypto wallets; emailing yourself is legally flimsy and easily spoofed. ProofStamp offers cryptographically secure, legally compliant (BSA 2023 Sec 63), privacy-first digital forensics—without gas fees or making your private work public.
- Architecture & Directory Structure
- Quick Start
- Documentation
- Processes & Features
- Contributing
- License
ProofStamp is a monorepo consisting of three main microservices:
proofstamp/
├── client/ → React + Vite + Tailwind + shadcn/ui (port 5173)
├── server/ → Node.js + Express + Prisma (port 3001)
├── stego-service/ → Python + FastAPI + Pillow (DWT‑DCT watermark) (port 8000)
├── prisma/ → Database schema & migrations
├── docs/ → Detailed guides, compliance, and API docs
│ └── research/ → Foundational research and legal text references
├── scripts/ → Testing and utility scripts
├── .github/ → Open source issue & PR templates
└── docker-compose.yml
The fastest way to run all 3 services locally is using Docker Compose:
docker compose up --buildFor detailed local setup instructions and manual environment configuration, please refer to the Local Setup Guide.
Dive deeper into ProofStamp's capabilities and compliance:
- Local Setup Guide
- Technical Architecture
- Indian Legal Compliance (BSA 2023)
- AI Protection Guide
- Verification & Legal Guide
- Identity: Google OAuth → Proof Passport (
PP-YYYY-XXXXX) with RSA‑2048 keypair.
- Stamp: File upload → SHA‑256 fingerprint → RSA signature tied to Passport → sequential proof chain linking block hashes. For raster images only: perceptual hashing (pHash/dHash), optional embeddings, DWT‑DCT invisible watermark, Cloudinary originals, Certificate PDF generated in background.
- Verification: Upload or Stamp ID lookup → Exact hash → Perceptual / embedding similarity → watermark extract → cryptographic signature & chain checks where applicable.
- Enforcement: Similarity detection → infringement evidence compilation → auto-generated takedown package (DMCA notice, certificates, proof chain, and supporting artifacts) → creator review and submission.
Every stamp includes:
- RFC 3161 timestamp (FreeTSA by default; set
TSA_URL/TSA_CA_CERT_PATH) - BSA 2023 Section 63 system certificate PDF (India electronic evidence helper)
- Counsel Evidence Packet —
GET /legal/:stampId/litigation-pack - Creator attestation —
POST /legal/:stampId/attest
We love our contributors! Whether you're fixing bugs, adding new features, or improving documentation, your help is welcome.
Please read our Contributing Guide to get started with setting up your dev environment and submitting a Pull Request.
This project is licensed under the MIT License - see the LICENSE file for details.










