Truth Tags: Verifiable Truth via Metadata

Introducing Truth Tags: a new data verification framework that protects your privacy, lets you decide what to share, and works efficiently at any scale.

Library Source Code Incoming!

Imagine scrolling through your favorite social media platform and knowing that every image you see is genuine and unaltered. At Veracity Labs, we’ve turned this vision into reality with Realcaster, a decentralized social network designed to ensure every shared image is real.

Achieving provably-real images required a way to verify the origin of images without exposing the photographer’s identity. However, existing techniques weren’t privacy-preserving, couldn’t scale, or lacked essential features needed for moderation.

We created Truth Tags to fill this gap.

In this post, we’re excited to show you how our truth-tagging technology can enable you to ship privacy-preserving, scalable and moderation-friendly applications with security measures that distribute trust as-standard.

How Does This Work?

Metadata is crucial for establishing trust online, but features no cryptographic protection by default. Digital signatures are often employed to ensure the correctness and origin of this metadata; without them, it would be easy to forge or alter the information. However, digital signatures require you to know and trust the author’s public identity (key), which isn’t always practical or desirable, especially when privacy is a concern.

Truth Tags address these issues by redefining how metadata is authenticated. Instead of relying on individual authors to generate and sign the metadata, trust is placed in a central authority that verifies the information (metadata) associated with data’s origin and creates a reusable “truth tagger” for it. This metadata can contain a person’s name and age, the serial number of a device, or anything else — it’s possible for the data to have a non-human origin.

When someone requests a truth tagger, they suggest exactly what their metadata should contain and provide evidence that this information is correct to the central authority. The authority then evaluates this information to decide whether to issue a truth tagger and what content it should reference. This process is entirely programmable, enabling you to easily adapt Truth Tags for any context.

Authors have the freedom to disclose parts of their metadata and hide others when certifying their data — only necessary information is shared. This enables verifiers to authenticate the data using valid, centrally-approved metadata without deanonymizing the author. This allows, for instance, a freelancer to reveal their verified qualifications to a client without exposing their name.

Balancing Privacy With Accountability

Truth Tags offer indistinguishability. This means that, even with multiple Truth Tags, there’s no way to tell which ones came from the same Truth Tagger and which didn’t. This level of anonymity surpasses pseudonyms such as public keys, ensuring users can remain truly anonymous if they choose to.

Yet, Truth Tags also address the need for holding malicious parties accountable. In situations where it’s necessary — for example, for regulatory compliance — a majority of trusted moderators can work together to reveal the Tag’s unique identifier, needing only a single example of falsely certified data.

If misuse is detected, such as a hacked device using Realcaster to post misleading images, the trusted moderators will recover the Tag’s identifier and use it to ban the truth tagger. This renders the tagger invalid — it can’t be used again.

With advanced cryptographic tools, it’s even possible to issue truth taggers without revealing the author’s information to the central authority itself. This preserves author privacy during the issuance process, making Truth Tags particularly suitable for applications which require compliance with stringent data-protection regulations.

How We Maintain Trust And Decentralisation

Establishing corruption-resistance is crucial, especially in sensitive scenarios like whistleblowing. Imagine a whistleblower exposing wrongdoing within their organization — it’s vital that their identity remains confidential, even from their own employer. We achieve this by distributing the roles of issuing truth taggers, revoking taggers, and accessing the identities behind them among independent entities.

An employer can operate without the ability to infer the employee’s (author’s) identity from an example of data, even if they’re responsible for issuing and revoking truth taggers for their employees. Under these circumstances, the connection between the tagger’s usage and the individual’s identity remains effectively concealed and the ability to recover the user’s identity is delegated to some trusted third party, such as an auditor.

If it’s ever necessary to uncover the identity behind a tagger— such as in cases of criminal investigation or when mandated by a court order — the trusted third party can step in. This neutral entity has the capability to map a used descriptor back to an identity but only under controlled or legally sanctioned circumstances.

Additionally, each entity can employ optional multi-party computation (MPC), which ensures that no single participant has access to sensitive information. Instead, they jointly compute over encrypted data without the ability to inspect its contents. Even if a server is compromised, the system remains secure because critical operations require collaboration.

Scalability

We designed cryptographic descriptors to be efficient and scalable, so they work well even when used on a large scale. Here’s what that means:

• Small Size: Each descriptor is about 520 bytes when bound to data. This keeps storage and transmission requirements low.
• Fast Processing: Creating a signature on data takes about 50 milliseconds, and verifying a descriptor takes around 20 milliseconds. This means operations happen quickly, without noticeable delays.
• Quick Issuance: Descriptors can be issued in less than a second, making them practical for real-time applications.
• Efficient Revocation: The system can handle up to 10,000 revocations per second. This ensures that updates to the list of invalid descriptors happen promptly.

It Works Offline

Truth taggers are built to function effectively both online and offline. In an online context, verifiers can quickly check the status of Truth Tags, ensuring they haven’t been revoked. In offline scenarios, verifiers can still trust the validity of Truth Tags based on the last known status, thanks to timestamps included within the descriptors.

The timestamp indicates when the Truth Tag was last updated, providing assurance that the author was in good standing at that time. Once connectivity is restored, any updates — including revocations — can be processed to maintain overall system integrity.

Conclusion

Truth Tags represent a significant advancement in data authentication and privacy. By allowing authors to attach authenticated metadata to their data — verified by a central authority — and enabling selective disclosure and indistinguishability, they provide a robust solution to the limitations of traditional metadata and signatures.

At Veracity Labs, we’ve developed this framework to authenticate images as real, captured on approved and secure devices. This enables us to combat misinformation by verifying digital content authenticity, ensuring trust without compromising privacy.

We believe that Truth Tags will play a crucial role in shaping the future of secure and private data exchange. Whether it’s verifying the authenticity of images or enabling automated insurance settlements, the applications are vast and transformative.

We’re excited about the possibilities that cryptographic descriptors open up and would love to hear your thoughts. How do you envision this technology impacting your field? Share your insights or reach out to us at Veracity Labs to learn more.