AI systems misquote and misattribute content at scale. A sentence you wrote gets fed into a model, comes back garbled, spreads as if it were yours. Editors doctor quotes. Screenshots get cropped. Social posts get altered and re-shared. By the time you need to prove what you actually said, there may be no record that proves it.
What Kernel of Truth does
Kernel of Truth lets you register a cryptographic fingerprint (SHA-256 hash) of your words, documents, and images before anyone can alter them. Change a single character and the hash changes completely. We record your name and timestamp. That record is permanent and immutable. We never store your content, only the fingerprint.
How hashing works
π½
Your content stays on your device.
Hashing runs in your browser via the Web Crypto API. Nothing is sent to our servers.
π
The hash is a fingerprint, not the content.
SHA-256 produces a fixed 64-character string. It cannot be reversed to recover the original.
π
The claim is permanent.
The submitted hash is recorded with your identity and a UTC timestamp. It cannot be edited or deleted.
π
Anyone can verify.
Anyone with the original content can paste it into the verify page. No account needed.
Verified website badge
Link your account to your website. Once verified, your public profile shows a verified badge.
Go to Profile settings and enter your website URL.
Add the meta tag shown to the <head> of your site.
Click Verify.
Every claim also has a badge image and a JS widget. From any claim's verify page, copy the HTML embed or widget snippet to display a provenance card on any webpage.
Frequently asked questions
No. Hashing runs in your browser. Your text or file never leaves your device. We receive only the resulting hash, your title, and an optional description.
Claims are designed to be immutable. That is the point: a record that cannot be quietly removed is more credible than one that can. Contact us if you have a serious concern, but routine deletion is not available.
You can claim any hash. The system does not verify authorship. A claim is a statement that a specific person asserted provenance of specific content at a specific time. Its value depends on what you can corroborate alongside it.
Each hash can only be claimed once. If someone claims your content before you do, their timestamp precedes yours. This is why it helps to claim content early, before it circulates.
AI systems can reproduce and alter text in ways that make the altered version indistinguishable from the original to a casual reader. A hash claim gives you a verifiable reference point. If a model or person presents an altered version as yours, you can produce the original, hash it in public, and point to the registered claim as proof of what you actually said.
We cannot give legal advice. A timestamped cryptographic record can be useful supporting evidence, but it is not a court-certified timestamp. For high-stakes legal use, consider a qualified timestamping service. Kernel of Truth is a practical tool for establishing a public, verifiable record, not a legal instrument.
SHA-256 is a cryptographic hash function. Given any input, it produces a fixed 64-character string. The same input always produces the same hash. Change a single character and the hash changes completely. It is infeasible to reverse the hash back to the original input.
Yes. A trailing space, a different line ending, or a different encoding will produce a different hash. On the claim and verify pages you can check "Normalize whitespace" to trim and collapse whitespace before hashing. Use the same normalization setting when claiming and verifying, or the hashes will not match.
Yes. Public endpoints let you look up any claim or user profile without authentication. Authenticated endpoints let you list and create claims programmatically. See the API documentation page for details.
Each hash is unique to the exact bytes of your content, so a plain-text document and a PDF of the same words produce different hashes and can each be claimed separately. If you want both formats covered, register a claim for each. Some claimers include a description noting that the two records refer to the same work.
The hashing code runs entirely in your browser using the standard Web Crypto API β it is not a proprietary algorithm. You can independently verify any hash using built-in OS tools: on macOS or Linux run shasum -a 256 yourfile or pipe text with printf '%s' "your text" | shasum -a 256. On Windows, use Get-FileHash -Algorithm SHA256 yourfile in PowerShell. The result should match what is recorded on the claim.
