OpenAI layers C2PA metadata and Google DeepMind’s SynthID invisible watermarking on generated images, plus a public verification tool to detect OpenAI-origin content.
Key Takeaways
SynthID watermarking applies to images from ChatGPT, Codex, and the OpenAI API; it complements C2PA cryptographic metadata, which can be stripped by screenshots or format changes.
OpenAI is now a C2PA Conforming Generator Product, enabling downstream platforms to reliably read and preserve provenance metadata beyond the originating platform.
The public verification tool checks for both Content Credentials and SynthID signals; if neither is found, it makes no definitive claim about AI origin.
At launch, verification is OpenAI-only; cross-platform support is planned for coming months.
The layered rationale: C2PA carries rich context, SynthID survives transformations; neither alone is sufficient.
Hacker News Comment Review
Core skepticism centers on adversarial removal: malicious actors will simply use generators that skip SynthID entirely, making the system opt-in by bad actors.
Technical commenters debate watermark durability. One claimed pixel-masking and inpainting removes visible SynthID patterns on black backgrounds; a reply pushed back that what is visible is likely a decoy, not the actual sub-bit signal.
The SynthID-Image paper (arxiv, Oct 2025) tested 136-bit payloads in 512x512 images with robustness benchmarks across transformations; the deployed version may differ meaningfully.
Notable Comments
@himata4113: describes a pixel-mask-inpaint-repeat attack to remove visible SynthID patterns, with depthmap assist.
@big_toast: cites SynthID-Image paper testing 136-bit payloads in 512x512 with transformation robustness benchmarks.
