For content platforms · publishers · AI labs

Proof of content rights for AI.

A signed, verifiable receipt of the rights granted on any piece of content — one that anyone, even machines, can verify instantly and offline.

License research so it can't be used to train AI without the author's consent.

One of the asks in the Leiden Declaration on AI and Mathematics — backed in June 2026 by the International Mathematical Union, the global body for mathematics.

The EU AI Act is here — can you show you respected content owners' rights?

Its rules for general-purpose AI require providers to honour content owners' rights reservations and publish a summary of their training data — in force now, with enforcement tightening through 2026.

The receipt the licence economy never had — a Getty invoice proves you paid, not what you're allowed to do, or whether you still can.

The questions every content owner, AI lab, and content buyer now has to answer.

How do I know — or prove — this content is licensed for AI?

A LicenseFoundry credential is a signed, machine-readable record of the rights granted on a piece of content. Anyone — a person or an AI system — can verify it offline against the issuer's did:web key, with no account and no call back to us.

Can you prove what you licensed?

Yes. Each licence is a W3C Verifiable Credential, cryptographically signed with Ed25519 by the rights-holder's platform. The signature proves who issued it and that nothing in it has been altered.

Can you prove the exact rights you granted?

Yes. Rights are declared per use — training, RAG, embedding, display, derivatives — each with its own scope, such as territory and duration. The credential records exactly what was granted, not a single vague 'licensed' flag.

Can you revoke a licence in a way AI labs can verify?

Yes. Revocation flips a bit in a public Bitstring Status List v1.0, and every verifier sees the change within its cache window. A paid invoice cannot be un-paid — a licence can be revoked, and a lab can check its status at the moment of use.

Can your licence records survive an audit?

Yes. Every credential is independently verifiable after the fact — offline, by any third party, using open-source SDKs — so a licensing position can be reconstructed and checked without trusting LicenseFoundry's systems or word.

I want to use licensed content in an ad or design — can I check what I'm allowed to do?

Yes. Where content carries a LicenseFoundry credential, you can verify the exact rights and scope you've been granted — including whether AI adaptation is permitted — offline, in your browser, with no account. It's the free verification tool below, and the same open SDK lets a brand or agency check rights automatically at scale.

Two crises, one missing layer.

For content platforms

Your catalog is full of creator-uploaded material with terms that are silent or inconsistent on AI training. When a creator sues because an AI lab trained on their work, you have nothing to defend yourself with except your existing T&Cs — which were never built for AI.

For AI labs

You're ingesting training data at scale with mounting pressure from the EU AI Act, state-level provenance laws, and private litigation. You need to verify rights programmatically, across millions of inputs, without slowing your pipeline. Bilateral deals don't scale.

See the missing layer for yourself.

Both crises share one root — content whose rights can't be proven. Point the tool at any URL or file and it reads what that content actually declares to AI: reserved, granted, verified — or, most often, silent.

robots.txt · Content-Signals · licence · verifiable credential — no login

What does my current content allow?

Every piece of content answers to AI now — check what yours says. Most content is silent: it declares no rights at all. Silence isn't consent — but it isn't proof, either. Paste a URL or drop a file; we read the machine-readable rights and tell you plainly. Public signals only; a file is hashed in your browser and never uploaded. Not legal advice.

Who fills the gap

We're not an AI lab. We're not a content platform. We're the third party that signs what issuers grant and that labs verify — with no business that competes with either side. That's the structural difference between us and self-signed credentials, coalition-controlled trust lists, or lab-built verification stacks.

The Product.

Declare the rights you grant, then use ASSESS to score how audit-ready that declaration is — free. Issue it as a machine-readable CREDENTIAL, revocable when the rights change. Upgrade to a LicenseFoundry-cosigned LICENSE for court-defensible verification. Pull AUDIT reports for the AI-lab side.

01

ASSESS

Score how audit-ready your rights declaration is against the public Compliance Framework — EU AI Act, GDPR, CCPA, COPPA, HIPAA, and four other categories. Returns specific gaps to remediate, not just a number.

Always free →

02

CREDENTIAL

(content rights record)

Issue your content's rights as a machine-readable, revocable record — after ASSESS shows the declaration is audit-ready (Step 01).

See pricing →
OUR MOAT

03

LICENSE

Upgrade your credentials to a verifiable license cosigned by LicenseFoundry. Production houses, AI labs — practically anyone — can verify the rights to your assets with our free verification SDK.

Ed25519-signed via did:web:licensefoundry.com · production verifiers reject sandbox credentials by construction

See pricing →

04

Audit Services

  • Continuous Oversight (for AI Labs)
  • Audit Reports on Request
  • Named-Analyst Review
  • Qualified-Counsel Review
See pricing →

Verify any content rights — in your browser.

Whether you're an AI lab checking training data or a brand, agency, or design team clearing content for a campaign, verification is free and open. A real signed licence, verified in your browser — Ed25519, no server, no login, no trust in us. Edit any character below and watch the signature fail. (Verifying your own issuer's credentials resolves their key via did:web — that's the open SDK.)

Ed25519 · did:web · offline
    Verified in your browser (WebCrypto) against the demo issuer's public key. Real credentials resolve the issuer's key via did:web and check revocation against a status list — both run in the open verifier SDK.

    How it works

    The core idea — in plain English

    Your rights aren't a label on a file. They're a record: which uses you've granted on a piece of content, at what scope — and whether that still holds. A plain file can't carry that, and a PDF in a vendor's database can't be verified without the vendor.

    Provenance — C2PA, Content Credentials — proves what a file is and where it came from; it never says what you're allowed to do with it. Those are different questions, answered by different records.

    So we issue a receipt — a signed, portable record of the rights granted on the content (what's allowed, the scope, and whether it's still valid) that an AI lab, an auditor, or a court can verify on their own, offline, years later — without trusting us or even asking us. The file just points to it.

    That verifiable rights record is the piece every other layer leaves out — and it isn't only about AI training. Any time content is licensed and someone later has to prove what was permitted, the receipt is the proof. ASSESS → CREDENTIAL → LICENSE → AUDIT is how you create it and stand behind it.

    How a credential is created — and who does what

    Publisher
    Owns the content. Sets which rights to grant, and at what scope.
    AI lab / buyer
    Verifies the rights on the content — offline, against our published keys, without calling us.
    LicenseFoundry
    Co-signs the rights record and publishes the keys + revocation everyone verifies against. Never in the deal or the money.
    1. Register the content once — by its fingerprint (SHA-256), not an upload.
    2. Set the rights you grant (CREDENTIAL) — which uses are allowed (train, RAG, embed, display…), each with its own scope (territory, term, model family) — and run ASSESS to score how audit-ready that declaration is.
    3. Co-sign it (LICENSE) — LicenseFoundry signs a verifiable record of those rights, anchored to the content, time-stamped, with a public revocation handle.
    4. Anyone verifies it on their own — an AI lab, an auditor, or a court — against our published keys and revocation list. No call to us required.
    5. Change or withdraw it — revoke and re-issue; the revocation is public and immediate, and the old record stops verifying.

    What one credential records (per asset)

    train → granted  ·  EU · 12 months
    rag → granted  ·  global
    embed → granted  ·  open-weights only
    display → not granted

    Per-right scope is the differentiator — one signed record per asset, revocable, verifiable offline.

    Where we live: we co-sign the rights record and publish the keys + revocation list everyone checks against (did:web:licensefoundry.com) — deliberately out of the negotiation, the payment, and the content path. That separation is what makes the attestation neutral. Change the rights or withdraw them, and the revocation is public and immediate.

    Built on the standards that matter.

    W3C VC Data Model 2.0

    Standardised credential envelope

    JWT-VC compact JWS

    Wire format every JWT verifier handles

    Ed25519 / EdDSA

    Modern asymmetric signatures

    CoMP v1.0 compatible

    IAB Tech Lab standard for AI rights

    Bitstring Status List v1.0

    W3C revocation with offline cache

    did:web

    DNS-rooted trust anchor

    Where the standards exist, we adopt them. Where they don't yet, our schema is designed to absorb the next version without breaking credentials we've already issued.

    Independent by design.

    Independence isn't marketing — it's a structural property of who can credibly sign what. Self-signed credentials are an issuer's claim, not evidence. Coalition-controlled trust lists carry their members' biases. Robots.txt and C2PA address adjacent problems — opt-out and provenance — but not licensing. Bilateral lab-platform deals work for the giants and leave the mid-market exposed. A third-party signature from an entity with no business in either direction is the baseline this market is structurally missing.

    Neutral signing

    Not the issuer. Not the verifier.

    Issuers can't sign their own credentials and call them verifiable — self-attestation is the model labs already reject. We sign for them, with our key, under our DID. The credential carries weight precisely because we have no incentive to lie about what was granted.

    No conflict of interest

    We don't train. We don't sell content.

    We're not in either side's business. We have no incentive to declare more content trainable than it is, or fewer credentials valid than they are. Our only product is keeping the trust layer working for both sides — which fails the moment we tilt toward either one.

    Audit-grade attestation

    Third-party signature, by structure.

    Regulators and external counsel give more weight to independent third-party attestation than to self-signed documents. A compliance report citing our DID is structurally more defensible than the same artefact a customer produced about itself.

    Pricing.

    ASSESS · always free

    Every asset, every environment, every caller$0

    Scoring is a calculator, not an attestation — credentials are what we charge for. No auth required.

    CREDENTIAL · per rights manifest · PAYG

    Pay-as-you-go — no subscription required. Free for OSI-licensed open-source assets. Publisher bundles are an optional alternative, not a prerequisite.

    Standard$0.027
    OSS-licensedFree unlimited

    PAYG by complexity

    click to expand

    For one-off or low-volume issuance without a bundle subscription. ~98% of expected volume on the Standard path; per-license price determined by complexity (see framework below).

    ComplexityPAYG per license
    Low$0.13
    Medium$0.85–$1.25
    High$1.50–$2.50
    Premium-edge$2.50–$3.25

    What low / medium / high complexity means.

    Most real-world rights configurations land in Medium or High. Low is for genuinely simple, single-jurisdiction, no-condition licenses — uncommon in regulated procurement and almost never the shape of content that needs LicenseFoundry's attestation in the first place.

    Complexity Definition Example Per-license
    Low 1–2 rights, uniform jurisdiction, no scope conditions, general content Public-domain illustration, train: yes $0.13
    Medium 3–5 rights, single jurisdiction lens (EU OR US OR California), basic scope conditions, general content Stock photo for training with attribution required, no commercial sub-license $0.85–$1.25
    High 5–7 rights + multiple scope conditions, multi-jurisdiction lens, OR regulated-sector content (health, financial, defense) Industry photography, audit-trail required, EU + US + California lenses $1.50–$2.50
    Premium-edge High + children's data, biometrics, or Article-9 special categories Educational imagery with COPPA + GDPR-K + minor-consent metadata $2.50–$3.25

    Subscription Bundles (for Publishers, etc.)

    If you answered no to any of the questions above, then this product is your solution. Choose your tier and sign-up today.

    Starter

    $549/mo

    $5,490/yr (save 17%)

    • Unlimited assessments / mo
    • 5,000 credentials / mo
    • 1,500 licenses / mo
      1,000 Medium · 500 High · Premium-edge PAYG-overage
    Start in sandbox →

    Scale

    $7,699/mo

    $76,990/yr (save 17%)

    • Unlimited assessments / mo
    • 125,000 credentials / mo
    • 25,000 licenses / mo
      10,000 Medium · 10,000 High · 5,000 Premium-edge
    • Quarterly audit reports included
    Talk to us →

    Enterprise

    Quoted 

    $16,699–$33,000/mo range

    • Unlimited assessments
    • Unlimited credentials
    • 100K+ licenses / mo
      All complexity tiers unlimited
    • Monthly audit reports included
    Talk to us →
    What subscription includes beyond price
    CapabilityPAYGSubscription
    Audit-log retention90 days7 years (matches typical regulatory minimums)
    Issuance SLA (p95)≤30s, best-effort≤1s, priority queue
    Revocation propagation≤24h (cache-bound)≤5min, cache-bust
    Designated supportcommunity / emailNamed support engineer, 24h response SLA
    Framework-version migrationDIYIncluded consultation on every version bump
    Annual compliance reviewnot offered1 hour included per year
    Audit reports on-requestnot available$2,749/report; Scale includes quarterly, Enterprise includes monthly

    Overage rules. License overage above bundle total → auto-upgrade with proration (Model B) when sustained. Premium-edge issuance without allowance (Starter only) bills at PAYG rate ($2.50–$3.25/license) for one-off use; sustained usage triggers a soft upgrade prompt to Growth. Hard constraint: licenses ≤ credentials in any period — you can't license content you haven't credentialed.

    Audit Services

    Human-touched review and oversight, across the credential lifecycle. AI labs subscribe for continuous ingestion oversight; publishers add per-credential reviews or snapshot reports on top of any bundle or PAYG path.

    Audit Reports

    $2,749/report

    On-request

    • Snapshot reports on your credential corpus
    • Procurement-ready evidence on demand
    • Included quarterly with Scale subscription
    • Included monthly with Enterprise subscription
    Request a report →

    Named-Analyst Review

    $549–$2,749/license

    À la carte

    • Per-credential human review
    • Written commentary on edge cases
    • Named-analyst sign-off on the attestation
    • Multi-asset package: $2,749–$10,990
    Commission a review →

    Qualified-Counsel Review

    $10,990+/attestation

    Quoted (up to $54,990)

    • Legal-grade attestation by qualified counsel
    • Multi-page document, named-counsel sign-off
    • Partial indemnification per contract
    • For litigation, regulatory submissions, M&A IP due diligence
    Request a quote →
    Scope of attestation by tier (canonical disclosure)

    Standard (automated): LicenseFoundry attests that (a) the issuer's identity has been verified; (b) the rights claims have been reviewed against the asset metadata and any corroborating evidence the publisher supplied via automated cross-reference; (c) no red flags appeared in our automated pre-issuance check. Does not include human review of specific rights claims, render legal opinion, or indemnify against third-party claims.

    Named-Analyst Review: includes all elements of Standard plus (a) review by a named LicenseFoundry analyst; (b) written commentary on edge cases; (c) sign-off by the named analyst.

    Qualified-Counsel Review: includes all elements above plus (a) legal review by qualified counsel; (b) multi-page attestation document suitable for use as evidence; (c) named-analyst and named-counsel sign-off. Indemnification terms negotiated per contract.

    Full attestation tier spec →

    Pricing changes carry 90 days' notice to active accounts. All prices in USD; billed via Stripe. VAT additional where applicable.

    Two paths for labs.

    Cryptographic verification of any LicenseFoundry credential runs locally in your SDK against cached JWKS — milliseconds per check, in-process, no metering, no API key, no network call to us. Free for any verifier.

    import { verify } from "@licensefoundry/sdk";
    
    const result = await verify(credentialJwt);
    if (!result.valid) throw new Error(result.reason);

    Get the SDK on GitHub → Python SDK (licensefoundry on PyPI) has the same shape.

    Labs have two jobs. The first is always: verify what comes in. The second is conditional on shipping models or generative output: document what goes out.

    Path A · AUDIT-only

    For labs that ingest credentialed content but don't ship credentialed output.

    • Choose your AUDIT tier: Audit Starter $2,199/mo, Audit Growth $6,599/mo, or Audit Enterprise (quoted, $16,599+/mo)
    • Unlimited verification (free for everyone)
    • Continuous audit trail across your ingested corpus
    • Quarterly documentation reports (depth scales with tier)
    • No publisher subscription needed

    Path B · AUDIT + Publisher bundle

    For labs that also ship credentialed output — models, fine-tunes, generative results.

    • Subscribe to AUDIT (any tier) for ingestion oversight
    • Subscribe to a publisher bundle (Starter / Growth / Scale / Enterprise) for Credentials + Standard Licenses on outputs you ship — ASSESS is free for everyone, no subscription required
    • Two subscriptions, two invoices — both predictable monthly
    • Each side stands on its own clean tier — no special "bundle SKU"
    • Premium and Bespoke LICENSE attestations remain à-la-carte

    Why this is cleaner than a combined bundle: each side has different usage patterns. Lab ingest grows with training data; output issuance grows with commercial product shipped. Two subscriptions scale independently. One invoice covering both forces compromises in either ingestion or output capacity.

    More than compliance. A commercial advantage.

    The defensive case is straightforward — when regulators or counsel ask, you have signed evidence. The commercial case is what most prospects miss: credentials change what each side can sell and what they can charge for. The same artefact that protects you when something goes wrong also widens the deal you can sign when things go right.

    For content platforms

    Charge a premium for credentialed catalogs.

    A licensed dataset that ships with a signed credential trail is worth materially more to an AI lab than the same dataset on a "trust us" basis. Labs pay more for training data they can defend — and you're the one selling them that defensibility. The same credentials also win bilateral deals against competitors who can only offer their own assertion. Same catalog, higher take rate.

    For AI labs

    Sell certainty to your enterprise customers.

    When your enterprise customers' procurement teams ask "what was this model trained on, and was it cleared?", today your answer is "trust us." With a credentialed training corpus, your answer is a signed report from an independent third party — verifiable by their legal team without trusting either of us. That converts the conversation from defending an objection to justifying a premium tier.

    Compliance protects the floor of the business. Credentialed inputs raise the ceiling — for issuers, by widening what their catalog is worth; for labs, by letting them charge enterprise customers a premium for provable provenance.

    Free for open source. No volume cap.

    Open-source datasets are the supply that makes AI training defensible. We treat them as critical infrastructure, not a paying customer segment. CREDENTIAL issuance is free, unlimited, for any OSI-licensed asset — automatically, at issuance time. (ASSESS scoring is free for everyone; OSS gets the CREDENTIAL tier free on top.)

    What's free for everyone: ASSESS (score any asset, unlimited, no auth required).

    What's free for OSI-licensed assets: CREDENTIAL (issue rights manifests for OSI-licensed assets, unlimited). Eligibility is automatic — we parse the LICENSE file at issuance. OSI-recognised licences (MIT, Apache-2.0, BSD, CC0, CC-BY, CC-BY-SA, GPL family, LGPL, MPL, and the full OSI list) qualify.

    What's not free: LICENSE (third-party attestation) and AUDIT (continuous oversight for labs) remain standard-priced for everyone, including OSS use cases. A commercial lab auditing its OSS ingestion is paying us for our oversight, not for the OSS use itself.

    The OSS bot. We also run the LicenseFoundry OSS sidecar bot — it proactively credentials known OSS datasets on HuggingFace, GitHub, and Kaggle, adding a .licensefoundry/manifest.yaml to your repo via a single PR. One PR per repo per lifetime; no nag, no signup. Adds your dataset to catalog.licensefoundry.com when published.

    Disclaimer. The bot's rights translation is one reasonable interpretation of each licence — not legal advice. You review the PR before merging and edit anything that doesn't match your intent. The bot opens at most one PR per repo, ever. Close it without merging and the bot will never approach that repo again. Add a comment containing licensefoundry-no-thanks to a closed PR and we won't approach any of your repos again.

    What's next.

    Direction, not promised delivery dates. Both items below are gated on issuance-volume signals from our ops dashboard — we build them when the supply justifies the surface, not before.

    Compliance Marketplace

    Procurement search across opted-in credentials.

    A queryable index where AI labs filter credentialed supply by jurisdiction lens, minimum compliance score, rights granted, and content type. Publishers opt in per-credential; sample-audit mechanism prevents gaming. Spec at compliance-marketplace-spec.md.

    Gated on ~500 opted-in credentials across ~20 publishers. Not in active development.

    Chain-of-custody credentials

    Credential the entire production chain.

    Output credentials covering model artifacts, fine-tuned weights, and generative outputs — cryptographically referencing the input credentials they were trained on. Downstream consumers verify the chain end-to-end. Extends LicenseFoundry from "credential the inputs" to "credential the entire production chain."

    Small canonical-model extension; falls out of #2 and #3 with no new product column. Not yet exposed in the SDK.

    Plug into the trust layer.

    A credible AI licence needs three things: a structured rights claim from the content owner, a cryptographic signature from a neutral third party, and a verification path every AI lab already uses. We provide the signature and the verification path. Whether you're the one issuing rights or the one ingesting them, the conversation starts the same way.

    For content owners

    Two weeks from first call to your first credential signed under your account, in your sandbox, against your catalogue. We onboard issuers in cohorts and stay hands-on through go-live.

    For AI labs

    Verification is free — install the SDK and verify credentials offline in milliseconds. Audited Provenance and bundle subscriptions activate when you need documented oversight of your training-corpus rights, not before.

    Self-signed credentials are self-attestation. The cryptographic separation between the party making the rights claim and the party signing it is the whole point — and the structural reason this trust layer can only ever be one layer.