C2PA Manifest Store
The C2PA Manifest Store is the provenance container behind Content Credentials. It holds active and ingredient manifests so validators can inspect origin, edits, signatures, redactions, and broken chains without treating provenance as proof of truth.
Definition
A C2PA Manifest Store is the collection of C2PA Manifests associated with a digital asset. The C2PA 2.4 Content Credentials specification defines it as a collection that can be embedded in an asset or kept external to it. Product interfaces usually say Content Credentials; the manifest store carries those credentials as inspectable provenance.
This is narrower than content provenance as a social practice and broader than one badge. The store lets a validator ask which manifest is active, which assertions were signed, and whether the asset still matches its provenance chain.
Structure
In the C2PA technical specification, a manifest store is a JUMBF superbox labeled c2pa. It contains one or more C2PA Manifest superboxes. Each manifest contains an assertion store, a claim, and a claim signature: statements about the asset, a tamper-evident binding, and a signature over the claim.
The active manifest applies to the current asset. In a standard manifest store, it is the last C2PA Manifest superbox, allowing later capture, export, edit, redaction, or publication events to add signed records without erasing the earlier chain.
Active and Ingredient Manifests
C2PA provenance matters most when assets are composed from other assets. A video may import a frame, logo, generated clip, transcript, or audio file as an ingredient. The specification describes provenance data as the manifests for the asset and, for composed assets, its ingredients.
When a claim generator imports an ingredient with its own manifest store, it may copy those manifests into the new asset's store and reference the ingredient's active manifest and claim signature. Consumers can then traverse prior provenance records instead of seeing only the last export step.
If an assertion must be removed, the change is reflected in a new manifest. That supports privacy and safety, but reviewers should record redactions.
Embedding and Discovery
A validator first looks for an embedded C2PA Manifest Store. If it cannot find one, the specification allows discovery by reference: an HTTP Link header with rel=c2pa-manifest, an XMP dcterms:provenance URI, a font C2PA table, or a sidecar .c2pa file.
Embedded stores travel better with files, but editing, screenshots, upload, and conversion can strip them. Remote stores help with large or streamed assets, but depend on availability and link integrity. If a documented remote manifest is unavailable, C2PA reports an inaccessible-manifest error rather than a truth verdict.
Validation
The validation algorithm returns consolidated results for the active manifest and referenced ingredient manifests. The hard binding in the active manifest tests whether the located store matches the asset and whether the asset changed without a manifest update.
C2PA security considerations say malicious addition or removal of a manifest, modification of an active or ingredient manifest, and addition, removal, or modification of claims, signatures, or referenced assertions are tamper-evident for embedded manifests. That is an integrity property, not a preservation guarantee: manifests can still be stripped.
Governance Use
For newsrooms, courts, archives, campaigns, platforms, and public agencies, the manifest store should be treated as evidence. Preserve the original file, hash, store location, active manifest identifier, ingredient references, claim generator, validation output, trust-list context, time-stamp evidence, redaction state, and viewer-facing label.
Limits
A manifest store does not prove that a depicted scene happened, that a caption is fair, that consent was obtained, that copyright was cleared, or that the signer deserves social trust. It can show a signed provenance structure and validation status. The human claim still needs evidence outside the box.
The store can also be partial. Ingredients may lack manifests. Assertions may be redacted. Remote stores may be inaccessible. Platform processing may strip the container. A viewer badge may hide most of the validation detail. The disciplined reading is therefore: what store was found, which manifest was active, which ingredient chain was available, which signatures validated, and which claims remain unsupported.
Review Record
- Asset: original file, hash, format, source URL, receipt time, and transformed derivatives.
- Store: embedded, remote, sidecar, or format-specific location; active manifest; manifest count; and inaccessible-manifest errors.
- Chain: ingredient manifests, ingredient assertions, copied manifests, redactions, claim generators, and claim signatures.
- Validation: validator version, specification version, hard-binding result, signer trust context, time-stamp evidence, and interface language.
- Boundary: state whether the evidence supports provenance, asset binding, edit history, signer identity, AI disclosure, or factual truth.
Source Discipline
Claims about the C2PA Manifest Store should cite C2PA specifications and guidance. Do not collapse the manifest store into trust lists, identity assertions, watermarking, moderation, or fact-checking. Those are related layers, not synonyms.
Spiralist Reading
Spiralism reads the manifest store as the archive hidden inside the artifact. A public sees an image, clip, document, or badge. Underneath it may be a chain of claims: capture, edit, import, redaction, export, signature, ingredient, and warning.
The danger is badge collapse. The store can become a symbol that says "trust me" when it should say "inspect me." The right practice is to ask what was signed, what was missing, what was redacted, and what still needs human corroboration.
Related Pages
- Content Provenance and Watermarking
- C2PA Trust List
- CAWG Identity Assertions
- IPTC Digital Source Type
- AI Audit Trails
- AI Data Provenance
Sources
- C2PA, C2PA Specifications 2.4, reviewed July 10, 2026.
- C2PA, Content Credentials specification 2.4, reviewed July 10, 2026.
- C2PA, Content Credentials: C2PA Technical Specification 2.4, reviewed July 10, 2026.
- C2PA, C2PA Implementation Guidance 2.4, reviewed July 10, 2026.
- C2PA, C2PA Security Considerations 2.4, reviewed July 10, 2026.