I’ve recently been doing a lot of reading about provenance tracking, content authenticity, and AI model training policy enforcement and started working on PACT in an attempt to address some of the issues I saw.PACT is an open-source toolkit for signing content claims, attaching machine-readable policy metadata to files, and verifying those claims against a hosted trust registry. The initial use case is AI-training policy/provenance: for example, letting a content creator publish a signed “no commercial training” policy record in a way that preserves the privacy of the content and the creator.Some of the features are: - Actions are append-only (an event log with Merkle batch disclosure) so the registry s full history is publicly auditable. - User identities are registry-scoped to prevent cross-registry tracking, and user identifiers are generated using a blinded OPRF, so the registry never sees raw device data or the derived token - Content commitments are salted, so the registry can hold a valid claim without ever receiving the actual content, and can t be used to reverse-lookup content from the public record - Content commitments are salted, so the registry can hold a valid claim without ever receiving the actual content, and can t be used to reverse-lookup content from the public record. - The ability to dispute potentially fraudulent claims and some initial work to attempt to identify competing claims and possible violations of AI training policiesIm currently hosting a registry instance here: https://ncryptai.com/pact (no login required).I’d appreciate any feedback and/or requests for features you think might be useful.