However, traditional digital proof-of-authorship systems often suffer from:

• Dependency on centralized authorities (Certificate Authorities, timestamp services)
• Lack of portability across different systems and contexts
• Weak binding between identity and cryptographic keys
• No built-in delegation mechanisms for transferring or sharing authorship rights

KERI's Approach

KERI and ACDC (Authentic Chained Data Container) provide a sophisticated approach to proof-of-authorship that addresses traditional limitations through several key innovations:

Self-Certifying Identifiers as Authorship Root

KERI uses Autonomic Identifiers (AIDs) as the foundation for authorship claims. AIDs are self-certifying identifiers cryptographically derived from public keys, eliminating dependency on external naming authorities. When an AID controller signs data, the signature provides:

• Direct cryptographic binding between the identifier and the authorship claim
• Verifiable key state through the Key Event Log (KEL)
• Rotation capability allowing key updates without breaking the authorship chain
• Delegation support enabling hierarchical authorship structures

ACDC Authorship Chains

ACDCs integrate proof-of-authorship into their core data structure through Authentic Provenance Chains (APCs). Each ACDC contains:

Issuer AID Field (i): The autonomic identifier of the ACDC creator, establishing the root of authorship

SAID Field (d): A Self-Addressing Identifier that is a cryptographic digest of the entire ACDC, creating an immutable binding between the data and its content

Digital Signatures: Attached as CESR-encoded primitives that cryptographically prove the issuer AID controller authorized the ACDC creation

Anchoring Digests: Hash commitments that bind the ACDC to specific points in the issuer's KEL, establishing temporal ordering

This structure creates a verifiable chain of proof-of-authorship where:

1. The ACDC's SAID commits to its exact content
2. The issuer's signature proves the AID controller created it
3. The KEL anchoring establishes when it was created
4. Any verifier can independently validate all three properties

Chained Authorship for Complex Scenarios

ACDCs support chained proof-of-authorship through their directed acyclic graph (DAG) structure. The Edge section of an ACDC can reference other ACDCs, creating authorship chains that track:

• Derivative works: New content based on original authored content
• Transformations: Data processing steps with verifiable authorship at each stage
• Aggregations: Combined data from multiple authors with preserved individual authorship
• Delegated creation: Authorized parties creating content on behalf of original authors

For example, in a book publishing scenario:

1. Original Creation: Author Terlalu Bonito writes a book and creates an ACDC containing the book data with an anchoring digest signed at publication date - this establishes proof-of-authorship
2. Rights Transfer: Terlalu sells publishing rights to Liz Smiley
3. Authority Chain: A new ACDC references the original, establishing Liz's proof-of-authority over publishing rights
4. Preserved Authorship: The original ACDC's proof-of-authorship remains intact and verifiable even as authority transfers

This separation enables complex scenarios where authorship and authority diverge while maintaining cryptographic verifiability of both.

Integration with Proof-of-Authority

KERI's architecture recognizes that real-world data ecosystems require both authorship and authority proofs. ACDCs provide:

Proof-of-Authorship Layer: Establishes who created the data through cryptographic signatures bound to AIDs

Proof-of-Authority Layer: Establishes who has rights over the data through chained delegation structures

The combination creates comprehensive provenance tracking:

• Origin verification: Cryptographic proof of original creator
• Chain of custody: Verifiable history of authority transfers
• Current control: Cryptographically verifiable current rights holder
• Delegation trees: Hierarchical authority structures with preserved authorship

This dual-layer approach enables use cases like:

• Supply chain tracking: Original manufacturer authorship with current owner authority
• Credential delegation: Issuer authorship with delegated issuance authority
• Content licensing: Creator authorship with licensee usage authority
• Data marketplaces: Data producer authorship with buyer usage authority

End-Verifiable Authorship

A critical property of KERI's proof-of-authorship is end-verifiability - any party can verify authorship claims without relying on infrastructure not under their control:

• No trusted intermediaries: Verification uses only cryptographic primitives and the KEL
• Ambient verifiability: Anyone, anywhere, anytime can verify authorship
• Duplicity detection: Conflicting authorship claims are cryptographically detectable
• Portable verification: Authorship proofs work across different systems and contexts

This eliminates single points of failure and enables truly decentralized authorship verification.

Practical Implications

Use Cases

Authentic Data Supply Chains: Manufacturing and logistics systems can track product data from creation through distribution, with verifiable authorship at each transformation step. Each processing stage creates a new ACDC with proof-of-authorship for the transformation while maintaining the chain back to original creation.

Digital Rights Management: Content creators can establish cryptographic proof of original authorship that persists even as usage rights are licensed or transferred. The authorship proof remains verifiable regardless of how many times rights change hands.

Regulatory Compliance: Financial institutions can prove the authorship of regulatory reports, with cryptographic evidence of who created each data element and when. This supports audit trails and non-repudiation requirements.

Scientific Data Provenance: Research data can carry verifiable authorship from collection through analysis and publication, enabling reproducibility verification and proper attribution in collaborative research.

Verifiable Credentials: Credential issuers establish proof-of-authorship for issued credentials, enabling verifiers to cryptographically confirm the credential's origin without contacting the issuer.

Benefits

Cryptographic Non-Repudiation: Authors cannot deny creating data once they've signed it with their AID. The KEL provides an immutable record of the signing event.

Decentralized Verification: No dependency on centralized authorities or online services for authorship verification. Verifiers need only the ACDC, signatures, and KEL.

Portable Attribution: Authorship proofs work across different systems, platforms, and contexts. Data can move between ecosystems while maintaining verifiable authorship.

Temporal Ordering: KEL anchoring establishes verifiable creation timestamps without requiring trusted timestamp authorities.

Delegation Support: Authorship can be delegated through cryptographically verifiable chains, enabling complex organizational structures while maintaining accountability.

Privacy Preservation: Graduated disclosure mechanisms allow selective revelation of authored data while maintaining cryptographic proof of complete authorship.

Trade-offs

Complexity: Implementing proper proof-of-authorship requires understanding KERI's key management, event logs, and signature verification. This is more complex than simple digital signatures.

Key Management Burden: Authors must properly manage their AIDs and signing keys. Key compromise undermines all authorship claims made with those keys.

Storage Requirements: Maintaining KELs and signature attachments increases storage overhead compared to unsigned data.

Verification Overhead: Verifying authorship requires processing KEL events and validating signatures, which is more computationally expensive than trusting centralized assertions.

Irrevocability: Once authorship is cryptographically established, it cannot be undone. This is a feature for non-repudiation but may be problematic if keys are compromised.

Governance Dependency: While cryptographically verifiable, determining whether authorship matters for a particular use case requires governance frameworks and trust policies beyond the cryptographic layer.

The KERI approach to proof-of-authorship represents a fundamental shift from trust-based to cryptographically-verifiable authorship systems, enabling authentic data ecosystems where origin and creation can be independently verified without relying on centralized authorities or trusted intermediaries.