Cryptographically verified photo / video evidence: C2PA Content Credentials, EXIF metadata, ProofMode bundles, AI-generated detection (heuristic + vision-LLM), GPS Haversine distance, and an in-memory integrity store.
c2patool— C2PA manifest verification (without it,validateC2pareturnsavailable: false)unzip— ProofMode bundle extractiongpg— PGP signature verification on ProofMode
import { haversineKm } from "@anchr/photo-bounty/geo";
import { validateC2pa, isC2paAvailable } from "@anchr/photo-bounty/c2pa-validation";
import { validateExif, extractExifMetadata } from "@anchr/photo-bounty/exif-validation";
import { parseProofModeZip } from "@anchr/photo-bounty/proofmode-validation";
import { createAiContentChecker } from "@anchr/photo-bounty/ai-content-check";
import {
createIntegrityStore, storeIntegrity, getIntegrity,
} from "@anchr/photo-bounty/integrity-store";createAiContentChecker({ getConfig, readAttachment }) is a factory: inject your own config source and attachment reader so the package has no implicit dependency on host config or storage.
const check = createAiContentChecker({
getConfig: () => ({
enabled: process.env.AI_CONTENT_CHECK === "true",
anthropicApiKey: process.env.ANTHROPIC_API_KEY,
}),
readAttachment: async (ref, blossomKey) => {
// your implementation
return { data: buffer, mimeType: ref.mime_type };
},
});
const result = await check(query, queryResult, blossomKeys);deno task testTests skip gracefully when optional binaries (c2patool, unzip, gpg) are not installed.
@anchr/core-runtime— forspawn, file I/O,which, shared logger@anthropic-ai/sdk— for vision-LLM AI check (only used ifAI_CONTENT_CHECK=true)@noble/hashes— for SHA-256 (ProofMode hash verification)
The package's API is generic over the consumer's AttachmentRef shape
(via AiContentCheckQuery / AiContentCheckResult<TRef>); it carries
no opinion on the host's Query / QueryResult types.
MIT
{ "imports": { "@anchr/photo-bounty": "jsr:@anchr/photo-bounty@^0.1", "@anchr/core-runtime": "jsr:@anchr/core-runtime@^0.1" } }