Verifiable encrypted drawing process log plugin

Hello Krita team and community,I would like to propose a new plugin (or built-in feature) called “Verifiable Encrypted Drawing Process Log”.

What it does:This plugin would automatically record the entire creation process in a structured, chronological log while the artist is drawing. At the end of the artwork, it would export a special file (e.g. .apl) that contains:All brush strokes with full point data (X/Y coordinates, pressure, velocity, tilt, rotation, etc.)
Layer operations (create, delete, merge, reorder, opacity changes, blend modes, etc.)
Tool parameters and changes
Undo/Redo history (full command sequence)
Timestamps for every action

The log would then be encrypted (AES-GCM or similar) so that only the original artist can decrypt and view the detailed process.
A digital signature (using the artist’s keypair) would also be attached, allowing third parties to cryptographically verify that:The log was created by the claimed artist
The log has not been tampered with
Replaying the log produces exactly the same final image (replay verification)

Why this is needed:Proving authorship and authenticity in the age of AI-generated art
Strong protection against plagiarism and forgery
Artists can keep their creative process private while still providing verifiable proof when needed (for clients, exhibitions, NFTs, etc.)
Helps distinguish real human-created artwork from AI or traced works

Similar existing features:Krita already has excellent Recorder (timelapse) and Python scripting support. This plugin would build on those foundations to create a cryptographically verifiable, replayable process log. If something like this already exists or has been discussed, please let me know so I don’t create a duplicate.I currently do not have a complete detailed specification, but I have a clear concept and basic structure in mind. I would like to hand this idea over to someone with more technical knowledge who can help develop the full specification (JSON/Protobuf schema, encryption flow, replay logic, etc.) and implement it.Note: This post was written with the assistance of AI (Grok by xAI) for English translation and phrasing, but the idea and details are entirely my own.Would the community or developers be interested in this feature?

Looking forward to your thoughts.

Do you intend to implement that plugin?

How would you prevent or recognize automated inputs or actions by other plugins? The history will be incomplete as soon as you don’t do something in Krita. Let’s say I use Inkscape to do my vector works and use Blender to prepare a 3D concept first. Your log will only show a paste action when I insert my work.

I can understand why someone would want this feature but I believe it doesn’t really prove anything useful and it feels weird to have a plugin that’s essentially a keylogger.

Wacom (or someone contracted by them) is already working on something like this in that regard: https://invent.kde.org/graphics/krita/-/merge_requests/2612

The moment something like this comes out, is when there will never be a way prove your even human though your art.

This is the third time someone wants this data since last year or so. And you just know they will get hands on that data to train AI if that data exists.

They make an event for some dumb prize and then it needs submissions to prove themselves and voila data aquired for cheap cheap.

How can you prove its you if you cant show it to anyone ? Because that trick will only work once.

Reply suggestion:I understand your concern, but I believe this feature actually works in the opposite direction and strengthens human artists’ position.

  1. You control the data completely
    The log is encrypted so that only you (the artist) hold the decryption key. You never have to show the full process to anyone unless you choose to.
    For verification, you can:

    • Show only the cryptographic signature (public proof)

    • Or decrypt and provide the replayable log only to trusted parties (judge, client, gallery) under NDA if necessary.

  2. It’s opt-in and private by design
    The artist decides when and to whom to reveal the process. It’s not automatically public. This is very different from mandatory public timelapses or open datasets.

  3. AI training concern
    Even if someone tries to collect data through contests, artists can simply not submit the encrypted log or submit only the signed hash.
    Without the artist’s private key, the data is useless. This gives artists real control, unlike current situations where people already scrape public timelapses and speedpaints for training data.

  4. “Prove it only works once”
    Actually, it can work repeatedly. You can generate a new keypair for each artwork, or use the same one across multiple pieces. The cryptographic signature proves authorship every single time, just like digital signatures in software or legal documents. It’s not a “one-time trick” — it’s repeatable, verifiable evidence.

  5. Current reality without this tool
    Right now, many artists already feel they can’t prove they are human. AI-generated images look perfect, and simple timelapses can be faked or imitated. A cryptographically signed, replayable process log is one of the strongest technical tools we have to push back against that.

But the signature is pretty useless when someone else can’t independently verify it and that’s only possible when having the whole data.

I could just use pgp to sign my file then.

Design Approach for the Near Term (Human Variation + Indirect Verification)

For the time being, the system will use full encryption by default and only allow minimal indirect verification when third-party proof is required. This hybrid approach significantly reduces the risk of log leakage while still providing practical authorship verification.

Strength from Human Imperfection (Defense Against AI Learning)

A real artist’s drawing log always contains tiny, unavoidable human variations — natural fluctuations in pressure and speed, subtle hand tremors, timing of Undo/Redo actions, slight gaps between strokes, and personal correction patterns. Even if AI perfectly learns the process and generates very similar artwork and logs, it is extremely difficult to replicate the exact micro-variations of a specific human session. These differences ensure the hash will never match exactly, automatically rejecting AI-generated fake logs. Combined with cryptographic signing using the artist’s private key, this provides strong uniqueness and authorship proof that remains robust even as AI advances.

Indirect Third-Party Verification via Account-Issued Credentials

When third-party verification is needed without revealing the encrypted log, the artist can issue a Verifiable Credential (W3C standard) or C2PA-compatible Content Credential directly from their account.

  • The credential contains a signed statement such as “This image was created by me” and the hash of the corresponding encrypted log.

  • Third parties can verify only the cryptographic signature using the artist’s public key, confirming it is a genuine credential issued by the claimed artist — without ever seeing the process details.

This allows safe, indirect proof for contests, sales, exhibitions, or clients. Direct verification (temporary key sharing) remains available as an optional choice when needed.

Summary of the Hybrid Approach

By combining full encryption, human micro-variations as a natural defense, and account-issued Verifiable Credentials / C2PA manifests, the system protects privacy while enabling practical authenticity proof. ZKP (Zero-Knowledge Proofs) and other advanced techniques can be added later for even stronger direct verification without disclosure.

Note on Technical Details

The technical concepts in this proposal (ZKP, Verifiable Credentials, C2PA integration, etc.) were developed with detailed assistance from AI (Grok by xAI) based on my original idea. They go beyond my personal technical knowledge, so I won’t be able to go into deeper or more specific implementation discussions myself. I would be happy to hand over the full concept to more experienced developers who can refine and implement it.

So suddenly you also need infrastructure for accounts? I think you should think this one through in a quiet moment because to me this doesn’t make much sense as it’s currently proposed. Perhaps start with a small prove of concept to see if this can actually work like you intend.

I remember that too, would be kind of paranoid if not for this user being brand new and the OP and each reply look like they were copy/pasted from a chatbot… No one writes like this naturally :pensive_face:

That’s right, because I’m translating something I thought up in Japanese.

Fair enough, I skimmed through the rest of your post after noticing the ai structure and style. Your language disclaimer blended into the last paragraph.

I dont know those protocols but it still sounds very exploitable in practise.

You create a new artist AI signature and your producing hashes naturally. How can an hash replace the whole data as proof ? People will just force people to release the full data. Its just more steps for the same end result.

I also think it needs a really good test run to make proof it would work.

Comparing it to digital signatures is odd. You want to prove the artwork is human not that it has a signature they can just copy paste. I would need accounts for that. And would only work if you uploaded tge art probably to register a art to that tag. I thought this was some meta data thing.

Whatever you are using to “translate” it is turning it into something bloated and vacuous. The AI does not “develop” your ideas, it just turns whatever short thing you gave it into slop that others have to wade through. In the future, just write the idea down as it is, it is much better to have a short and good idea that someone competent can develop than be slapped in the face with an almost 400 word long post that they have to strip back down to the few parts that make sense. They don’t need you to feed it through a chatbot first.

I don’t think any of this discussion has a point in the first place though, Wacom already had this idea and is working on it across multiple drawing programs. It seems pretty reasonable how they solve it, it does not involve exposing data that is useful for training.

The whole discussion about how you could theoretically defeat it misses the point a bit: this kind of thing increases the effort required to produce fakes and the chance of being caught. It doesn’t need to be perfect to be useful, it can still serve as a useful filter.