TectraTectra
Open Source

Open Source Verification

tectra-verify is the open-source verification library that powers Tectra's verification pipeline. Extract watermarks, compute hashes, verify Merkle proofs — independently, without trusting Tectra's servers.

Why open source?

If only Tectra can verify, it's a product. If anyone can verify, it's a standard. Open-source verification ensures that provenance checks are trustless and auditable by anyone. A C2PA Contributor Member implementation.

Installation

bash
pip install tectra-verify

Requires Python 3.9+. Dependencies: Pillow, imagehash, invisible-watermark, requests, numpy.

Quick start

python
from tectra_verify import verify

result = verify("photo.jpg")
print(result)

# ✓ AUTHENTIC  (confidence: 100%)
# Signed by: OpenAI (ai_provider)
# Origin: AI Generated Image
# Blockchain: 0xfeff...
#   ✓ hash_exact: Exact SHA-256 match found
#   ✓ blockchain: Merkle proof verified — batch anchored on-chain

Python API

verify()

Full two-tier verification. Tries SHA-256 hash lookup first (no upload). Falls back to full upload for watermark + pHash analysis on images. Videos are always hash-only — file never leaves your machine.

python
from tectra_verify import verify

result = verify("photo.jpg")

# Access structured fields
print(result.authentic)           # True
print(result.confidence)          # 1.0
print(result.signer.org_name)     # "OpenAI"
print(result.origin.label)        # "AI Generated Image"
print(result.blockchain_tx)       # "0xfeff..."
print(result.timestamp)           # datetime object

# Individual checks
for name, check in result.checks.items():
    status = "✓" if check.passed else "○"
    print(f"  {status} {name}: {check.details}")

verify_bytes()

Verify raw bytes in memory — no file on disk needed.

python
from tectra_verify import verify_bytes
import requests

# Verify directly from a URL
resp = requests.get("https://example.com/image.jpg")
result = verify_bytes(resp.content, filename="image.jpg")
print(result.authentic)

extract_watermark()

Extract the DWT+DCT invisible watermark payload. Returns 32 raw bytes. The first 16 bytes are the meaningful Tectra payload; the rest is zero-padding.

python
from tectra_verify import extract_watermark, extract_watermark_hex

data = open("signed.jpg", "rb").read()

# Raw bytes
payload = extract_watermark(data)
print(f"Payload hex: {payload.hex()[:32]}")

# Convenient hex string
hex_payload = extract_watermark_hex(data)
if hex_payload == "0" * 32:
    print("No watermark detected")
else:
    print(f"Watermark: {hex_payload}")

compute_sha256() / compute_perceptual_hash()

Individual hash functions — the same algorithms used by the Tectra signing pipeline.

python
from tectra_verify import compute_sha256, compute_perceptual_hash, phash_similarity

data = open("photo.jpg", "rb").read()

sha256 = compute_sha256(data)
print(f"SHA-256: {sha256}")      # 64-char hex

phash = compute_perceptual_hash(data)
print(f"pHash:   {phash}")       # 16-char hex, 64-bit

# Compare two images visually (1.0 = identical)
original = compute_perceptual_hash(open("original.jpg", "rb").read())
screenshot = compute_perceptual_hash(open("screenshot.jpg", "rb").read())
sim = phash_similarity(original, screenshot)
print(f"Similarity: {sim:.0%}")  # e.g. 96%

verify_merkle_proof()

Verify a Merkle inclusion proof locally. Pure SHA-256 math — no network calls. This proves a content hash is genuinely part of a batch anchored on the Polygon blockchain.

python
from tectra_verify import verify_merkle_proof
import requests

# Fetch a certificate from the API
cert = requests.get(
    "https://tectra.vision/api/v1/content-records/RECORD_ID/certificate"
).json()

# Verify locally — no trust in Tectra required
valid = verify_merkle_proof(
    leaf_hash=cert["sha256_hash"],
    proof=cert["merkle_proof_json"],   # list of {"hash": str, "direction": "left"|"right"}
    expected_root=cert["merkle_root"],
)
print(f"Merkle proof valid: {valid}")

CLI

Command-line tool installed automatically with the package.

bash
# Verify a single file
tectra-verify photo.jpg

# Output:
# ── photo.jpg ──
# ✓ AUTHENTIC  (confidence: 100%)
# Signed by: OpenAI (ai_provider)
# Origin: AI Generated Image
#   ✓ hash_exact: Exact SHA-256 match found
#   ✓ blockchain: Merkle proof verified — batch anchored on-chain

# Verify multiple files at once
tectra-verify photo1.jpg video.mp4 screenshot.png

# JSON output (for scripting and pipelines)
tectra-verify --json photo.jpg | jq .authentic

# Use a self-hosted Tectra instance
tectra-verify --api-url https://your-instance.com photo.jpg

GitHub

tectra-vision/tectra-verify

Source code, issues, and contributions

PyPI: tectra-verify

Package releases and install stats

License

MIT License

tectra-verify is released under the MIT license. Use it in commercial and open-source projects without restriction. Attribution is appreciated but not required.

Contributing

Contributions welcome

We welcome pull requests, bug reports, and feature requests on GitHub.

Next: Webhooks

Real-time event notifications for content signing and anchoring.

Webhooks