What is AIOSchema?

AIOSchema is an open, technology-agnostic metadata framework designed to establish, maintain, and preserve the integrity, authenticity, and provenance of digital and physical assets.

It defines a minimal, verifiable Core Block, an extensible Extension Block, and optional durable anchoring through cryptographic timestamping. The result is a provenance layer that works across every platform, every content type, and every ecosystem — with no vendor lock-in, no proprietary dependencies, and no gatekeepers.

A developer can read the specification in under an hour and produce a working implementation in a day.

The Problem

Digital content has no universal way to prove what it is, when it was created, or who created it. Metadata is stripped by platforms, altered by processing pipelines, and lost in transit. AI-generated content is indistinguishable from human-created content without provenance. Physical assets entering digital workflows lose their chain of custody at the scan boundary.

Existing solutions are either proprietary, heavyweight, or tied to specific ecosystems. There is no lightweight, open, universally implementable standard for content provenance that works everywhere and depends on nothing.

AIOSchema was created to fill that gap.

How It Works

Every AIOSchema manifest is a small JSON file with two parts: a Core Block and an optional Extensions Block.

The Core Block contains five architecturally frozen fields: a unique asset identifier, the specification version, a creation timestamp, a cryptographic hash of the original file, and a creator identity. From these five fields, a core_fingerprint is derived — a tamper-evident seal computed by hashing the canonical serialization of the core fields.

That’s it. No server. No key infrastructure. No expiration. Level 1 verification requires nothing beyond the manifest, the original file, and a SHA-256 implementation. The hash is the proof.

Optional layers add Ed25519 signatures (Level 2) and cryptographic timestamping via RFC 3161 or Bitcoin/OpenTimestamps (Level 3). Each level is a strict superset of the previous — an implementation can start at Level 1 and grow.

Design Philosophy

AIOSchema’s architecture rests on four pillars:

Stable Core, Modular Algorithms. The Core Block defines the shape of the standard. Hashing, signing, soft binding, and anchoring are modules — replaceable without redesigning the manifest. No single algorithm can compromise the whole standard.

Universality and Interoperability. AIOSchema is container-agnostic, platform-agnostic, ecosystem-agnostic, and metadata-agnostic. It integrates with C2PA, EXIF/XMP, schema.org, and W3C PROV — or can be used as a standalone solution.

Durability and Survivability. Content is constantly recompressed, resized, transcoded, and stripped of metadata. AIOSchema survives these transformations through multi-hash support, detached signatures, sidecar and XMP hybrid embedding, soft binding via perceptual hashing, and anchor chaining.

Verifiable Without Specialized Tools. The manifest is plain JSON. Canonicalization rules are deterministic. Anchoring is public and independently verifiable. No single system controls verification. A developer can implement a verifier in a day.

Read the full Design Philosophy →

Current Status

Version: v0.5.5 — Technical Preview

Published: March 7, 2026

Document ID: as-doc-spec-018f-v0.5.5

AIOSchema v0.5.5 is the first publicly available version of the specification. It is validated by five independent reference implementations in Python, TypeScript, Node.js, Go, and Rust — all cross-verifying 14 deterministic test vectors. The Core Block fields are architecturally frozen.

What “Technical Preview” means: The specification is complete, tested, and implementable. The “Technical Preview” designation indicates that the standard is pre-v1.0 and that governance transition has not yet occurred. The Core Block will not change. The standard is ready for implementation and adoption.

Regulatory Context

AIOSchema is designed to support compliance with content labeling and transparency requirements taking effect worldwide:

  • EU AI Act Article 50 — content labeling and transparency (August 2, 2026)
  • California SB 942 — AI-generated content disclosure (August 2, 2026)
  • UK Online Safety Act — content authenticity frameworks
  • Australian content labeling — provenance requirements

The standard provides a free, open, and neutral provenance layer suitable for regulatory adoption. AIOSchema does not mandate specific compliance outcomes — it provides the technical infrastructure for organizations to build compliant systems.

Governance

AIOSchema is currently in its founder-controlled pre-governance phase. The specification is authored and maintained by its founding author with full editorial control. This is a deliberate choice: a standard handed to a governance body before it is complete risks being shaped by committee dynamics rather than technical merit.

The specification remains CC-BY 4.0 and freely implementable. All normative text and reference implementations are covered by an irrevocable Royalty-Free patent commitment. These commitments are permanent regardless of governance transition.

When v1.0 is stable and adopted, AIOSchema will transition to neutral multi-stakeholder governance under a host organization such as the Linux Foundation, W3C, or equivalent neutral body.

License

Specification: Creative Commons Attribution 4.0 International (CC-BY 4.0)

Reference Implementations: Apache License 2.0

Commercial Tools (Provenance Studio, Hub): Proprietary. © 2026 Ovidiu Ancuta. All rights reserved.

Contact

© 2026 Ovidiu Ancuta · AIOSchema™ and ◈™ are trademarks of Ovidiu Ancuta