NexiMedia
All Ventures Contact
NEXI — CONFIDENTIAL  |  INTERNAL USE ONLY  |  NOT FOR DISTRIBUTION
COMING SOON — Fastest to Revenue

NEXI Ventures — Product Brief

PROOF
MARK

Cryptographic Content Authentication Protocol

Every image, video, document, and audio file leaves a permanent, mathematically-verifiable trail. No central authority. No trusted third party. Pure cryptographic proof — anchored to time.

SHA-256 · ECDSA · RFC 3161 C2PA Compatible EU AI Act Ready 2–3 Week Build $15K MVP
2¹²⁸
Collision Resistance (ops)
2–3 Wks
Build to Launch
$15K
MVP Budget
O(log n)
Batch Proof Size

The Problem

Content trust is collapsing in real time

AI image and video generators produce indistinguishable synthetic media at zero marginal cost. Deepfakes are cheap. Misinformation is profitable. The existing response — "context clues" and "media literacy" — has categorically failed. The only viable solution is mathematical proof applied at the moment of creation.

MARKET SIGNAL — 2026

The EU AI Act Changes Everything

Effective August 2026, the EU AI Act mandates provenance labeling for all AI-generated content distributed within the European Union. Organizations failing to comply face fines up to €30M or 6% of global annual turnover. ProofMark's C2PA-compatible manifests satisfy this requirement automatically.

  • 450M EU citizens — largest regulatory mandate for content authentication in history
  • Applies to news, advertising, social media, e-commerce, and government communications
  • US executive order and UK Online Safety Act pushing in the same direction
  • C2PA standard backed by Adobe, Microsoft, Google, Intel, ARM, and Sony
HIGH-VALUE VERTICALS

Who Cannot Afford Ambiguity

Six markets face existential risk from fake content:

  • Journalism — wire services, investigative desks, and photo agencies
  • Legal — evidence authentication, contract timestamping, notarization
  • Finance — KYC document integrity and regulatory audit trails
  • Creative — photographers and filmmakers protecting IP and licensing
  • Enterprise — HR, compliance, and procurement document integrity
  • AI Content — mandatory disclosure and brand protection against fakes

Cryptographic Foundation

The math that makes forgery computationally impossible

ProofMark is not a "trust us" system. Every proof is independently verifiable with open-source tools and no access to ProofMark's servers. The security derives from mathematical hardness assumptions — problems requiring compute power equivalent to all Bitcoin mining for longer than the age of the universe.

PRIMITIVE 01 — CONTENT HASHING

SHA-256 (NIST FIPS 180-4) — Deterministic 256-Bit Fingerprint

Every file ingested by ProofMark is reduced to a 256-bit digest that deterministically encodes its exact byte sequence — pixel values, audio samples, glyph positions. The hash is the cryptographic fingerprint. Any modification, even changing a single pixel, produces a completely different hash.

Collision Resistance

Birthday bound at 2¹²⁸ operations (~3.4 × 10³⁸). At 10¹⁸ hashes/second (all of Bitcoin's combined hashrate), finding a SHA-256 collision requires 1.08 × 10²² years of continuous computation.

Preimage Resistance

Reversing a SHA-256 hash to recover the original requires 2²⁵⁶ operations. The observable universe contains ~10⁸⁰ atoms. Preimage attacks are physically impossible with any conceivable technology.

Avalanche Effect

A single bit change in input causes ~50% of output bits to flip — the strict avalanche criterion. Watermarked vs. original, visually identical images produce completely different hashes. No gradient-based forgery works.

Implementation SpecificationSHA-256(content_bytes) → 256-bit digest (32 bytes, 64 hex chars) Streaming mode: chunk_size = 4 MiB, memory footprint = O(1) Format-agnostic: strip EXIF metadata → hash raw pixel bytes (images) Video: H(concat(frame_hashes)) OR H(container_bytes) — both modes supported Documents: H(binary_representation) — PDF, DOCX, raw UTF-8 text Audio: H(PCM_samples) — codec-independent, captures true signal content
PRIMITIVE 02 — DIGITAL SIGNATURES

ECDSA on secp256k1 — The Same Primitive Securing $1.6T in Crypto

A SHA-256 hash proves the content is unchanged. A digital signature proves who generated that hash — and binds them to it permanently. The signer cannot deny it. The mathematics of the elliptic curve discrete logarithm problem makes denial mathematically meaningless.

Curve Definition — secp256k1Equation: y² ≡ x³ + 7 (mod p) Prime field: p = 2²⁵⁶ − 2³² − 977 Generator: G = (Gx, Gy) — published NIST constant Order: n = FFFFFFFF...BAAEDCE6...364141 (256-bit prime) Security: 128-bit symmetric equivalent Trapdoor: ECDLP — no known sub-exponential algorithm
Key GenerationPrivate key: k ←uniform random ∈ [1, n-1] Public key: K = k × G (elliptic curve scalar mult) Relationship: computing k from K requires solving ECDLP Hardness: best known algorithm = Pollard rho, O(√n) ≈ 2¹²⁸
Signing AlgorithmInput: digest h, private key k 1. Nonce: r ←uniform random ∈ [1, n-1] 2. Point: (x₁, y₁) = r × G 3. R = x₁ mod n 4. S = r⁻¹ · (h + R · k) mod n Output: signature (R, S) — 64 bytes total Note: RFC 6979 deterministic nonce for side-channel safety
Verification AlgorithmInput: (R, S), digest h, public key K 1. w = S⁻¹ mod n 2. u₁ = h · w mod n 3. u₂ = R · w mod n 4. (x₁, y₁) = u₁ × G + u₂ × K 5. Valid ⟺ x₁ ≡ R (mod n) Non-repudiation: only K-holder could produce valid (R, S)
Production Battle-Testing

secp256k1 ECDSA secures $1.2T in Bitcoin and $400B in Ethereum. Every on-chain transaction — hundreds of millions per day across both networks — relies on this exact signature scheme. ProofMark reuses the most battle-tested cryptographic primitive in the history of software.

PRIMITIVE 03 — TIMESTAMP AUTHORITY

RFC 3161 Time Stamping Protocol — Legal-Grade Temporal Proof

Hash + signature proves authenticity. A timestamp proves when the content existed. RFC 3161 is the internet standard for trusted timestamping — its tokens are admissible as legal evidence in courts across the US, EU, and UK under eIDAS, the ESIGN Act, and UETA.

STEP 01
Client Sends Request

Client generates a TimeStampRequest containing a nonce and the SHA-256 digest. Zero content leaves the client — only the 32-byte fingerprint traverses the network.

STEP 02
TSA Returns Signed Token

TSA records current UTC time (±1 second accuracy), appends nonce and serial, signs the TSTInfo structure with its X.509 certificate. Returns a TimeStampToken in ASN.1 DER encoding.

STEP 03
X.509 Chain of Trust

TSA certificate chains to an intermediate CA and then to a root CA — DigiCert, Entrust, or GlobalSign. Token is verifiable without ProofMark servers existing at all. Permanent proof.

TSTInfo ASN.1 Structure (RFC 3161 §2.4.2)TSTInfo ::= SEQUENCE { version INTEGER { v1(1) }, policy TSAPolicyId, -- TSA's stamping policy OID messageImprint MessageImprint { -- CRITICAL FIELD hashAlgorithm AlgorithmIdentifier, -- SHA-256 OID hashedMessage OCTET STRING -- SHA-256(content) — 32 bytes }, serialNumber INTEGER, -- monotonically increasing genTime GeneralizedTime, -- UTC timestamp (legally binding) accuracy Accuracy OPTIONAL { -- ±1 second per RFC seconds INTEGER OPTIONAL, millis [0] INTEGER(1..999) OPTIONAL }, ordering BOOLEAN DEFAULT FALSE, nonce INTEGER OPTIONAL -- client's anti-replay nonce } -- ContentInfo wrapper: TSA's ECDSA/RSA signature over DER(TSTInfo)
PRIMITIVE 04 — BATCH VERIFICATION

Merkle Tree Architecture — O(log n) Inclusion Proofs

Individual timestamping at scale is expensive and serial. ProofMark uses a binary Merkle tree to batch-certify thousands of documents with a single TSA call every 60 seconds. The inclusion proof for any document in a batch of 1,000,000 requires only 20 SHA-256 hashes — 640 bytes regardless of batch size.

Tree ConstructionLeaf nodes: L_i = SHA-256(document_i) Internal nodes: P = SHA-256(LeftChild || RightChild) Root: single 32-byte value for entire batch Batch n=10,000 → root (32 bytes, one TSA call) Merkle proof: ⌈log₂(10000)⌉ = 14 sibling hashes Proof size: 14 × 32 bytes = 448 bytes Verification: 14 hash operations — O(log n) Sparse Merkle tree variant: efficient updates/deletions Padded to power-of-2: empty leaf = SHA-256(0x00)
Inclusion Proof VerificationInput: document, merkle_path[], root_hash 1. current ← SHA-256(document) 2. for (sibling, side) in merkle_path: if side == LEFT: current ← SHA-256(sibling || current) else: current ← SHA-256(current || sibling) 3. return current == root_hash Cost: O(log n) hash operations, O(1) space Security: forging a proof requires finding SHA-256 collision — computationally infeasible (2¹²⁸)
Batch Economics — Why the Unit Margins Are Extraordinary

1 TSA API call costs $0.001. That call timestamps the Merkle root, which represents 10,000 documents simultaneously. Per-document TSA cost: $0.0000001. We charge $0.029/document on Pro. Gross margin on timestamping component: 99.999%. Infrastructure scales linearly with documents; revenue scales linearly with documents. Perfect margin retention at scale.

PRIMITIVE 05 — INDUSTRY STANDARD

C2PA Manifest — Coalition for Content Provenance and Authenticity

C2PA is the emerging global standard for content provenance, backed by Adobe, Microsoft, Google, Intel, ARM, and Sony. The EU AI Act's technical provenance requirements map directly to C2PA. ProofMark generates fully-compliant C2PA manifests and embeds them in media via JUMBF containers.

  • JUMBF container — JPEG Universal Metadata Box Format; manifest rides inside the media file itself, not in a sidecar
  • Creator assertions — cryptographically bound identity: who created the content, which tools, which model (if AI-generated)
  • Action history — full edit lineage: original capture → crop → color grade → export → republish — each step signed
  • Hard binding — cryptographic link between manifest and content bytes; modifying any pixel invalidates the manifest signature
  • Ingredient references — tracks composites and remixes: when content incorporates other C2PA-signed material, the ancestry is provable
Regulatory Tailwind

EU AI Act (effective August 2026) mandates provenance labeling for AI-generated content. C2PA manifests satisfy the technical requirements exactly. Every ProofMark customer achieves full regulatory compliance automatically — compliance is the product.

Ecosystem Interoperability

C2PA manifests are natively readable in Adobe Photoshop, Lightroom, and the Content Credentials browser extension. Chrome and Safari native support is forthcoming. ProofMark proofs remain verifiable independently of ProofMark infrastructure — permanent by design.

Verification Architecture

End-to-end cryptographic pipeline

Every operation is deterministic and independently reproducible. A third party with no access to ProofMark's servers can verify any proof using open-source cryptographic libraries alone.

// ProofMark Complete Verification Pipeline UPLOAD(file) → SHA256(stream_chunks) → digest [256 bits] │ ├── SIGN: ECDSA_sign(digest, creator_private_key) → (R, S) [64 bytes] │ Non-repudiation guaranteed — (R, S) unique to key pair │ ├── TIMESTAMP: RFC3161_request(nonce, digest) → TimeStampToken [ASN.1 DER] │ TSA signs: { digest, UTC_time ±1s, serial, nonce } │ ├── MERKLE: insert digest as leaf in 60-second batch tree │ every 60s → compute root → anchor root with single TSA call │ └── STORE(PostgreSQL, insert-only): content_hash: hex(digest) -- 64 chars, indexed signature: hex(R) ++ hex(S) -- 128 chars tsa_token: base64(TimeStampToken) -- ~1KB DER blob merkle_proof: [sibling_hashes...] -- O(log n) entries creator_pubkey: hex(K) -- secp256k1 public key c2pa_manifest: base64(JUMBF_bytes) -- C2PA embedded manifest verification_url: "https://proofmark.io/v/{uuid_v5(digest)}" // Public Verification — zero trust, no ProofMark server required VERIFY(verification_url): 1. hash_check: SHA256(re_uploaded_file) == stored_hash? → CONTENT UNCHANGED 2. sig_check: ECDSA_verify(hash, R, S, public_key)? → AUTHENTIC SIGNER 3. tsa_check: verify_token(tsa_token, root_CA_bundle)? → TIME PROVEN 4. merkle_check: walk_proof(hash, siblings, batch_root)? → BATCH MEMBER 5. c2pa_check: verify_manifest(JUMBF_bytes, content)? → PROVENANCE VALID Result: FULLY VERIFIED | CONTENT TAMPERED | SIGNATURE INVALID | UNKNOWN
STORAGE LAYER

Immutable PostgreSQL + Supabase

  • Proof records are insert-only — no UPDATE or DELETE on proof table
  • Index on content_hash (SHA-256 hex) — O(1) lookup by file fingerprint
  • Verification UUIDs are deterministic: UUID-v5(SHA-256(content_hash))
  • Supabase RLS: creators read only their own records — public endpoint bypasses RLS
  • Public verification requires zero authentication — maximum viral reach
API SURFACE

REST + Webhook Architecture

  • POST /proof — multipart upload, synchronous proof generation, response <3s
  • GET /verify/{uuid} — public, unauthenticated, returns full proof JSON
  • GET /proof/{hash} — lookup by content hash (hex); confirm any file without upload
  • POST /batch — submit up to 10,000 pre-computed hashes for Merkle batch mode
  • POST /manifest — generate C2PA manifest for existing signed content
  • Webhooks: proof_created, verification_viewed, batch_anchored
01
Streaming Hash Ingestion — <500ms for any file size
Client uploads via multipart POST. Server streams file through SHA-256 hasher in 4MB chunks — no full-file load into memory. A 4GB video hashes at ~800MB/s throughput. Memory ceiling: O(1). EXIF metadata stripped before hashing for consistency.
02
Parallel Sign + Timestamp — <1.5s total
ECDSA signature generated server-side (no private key material leaves HSM). RFC 3161 request fires to DigiCert TSA — average round-trip 350–500ms. Both operations run concurrently via Python asyncio. TSA timeout fallback to Entrust secondary TSA at 800ms.
03
Merkle Batch Anchoring — every 60 seconds
A background coroutine collects all digests from the previous 60s interval. Binary Merkle tree computed — O(n log n). Root submitted to TSA for a single batch timestamp. Merkle proof paths computed and stored per document. One TSA call covers up to 100,000 documents per minute at scale.
04
Public Verification Page — sub-100ms globally
Verification URL is a deterministic UUID-v5 of the content hash. The page is statically generated at proof-creation time and cached at Vercel Edge nodes globally. Cold-cache miss: Supabase lookup + React SSR ~350ms. Warm cache: <50ms. The verification page embeds open-source crypto verification code — anyone can re-run the math client-side.

Viral Distribution Engine

Verification is the marketing channel

Every proof generates a permanent public URL. Every journalist, editor, photographer, or viewer who verifies content lands on a branded ProofMark page. Verification is free — no account, no friction. The viral loop scales with every creator who publishes.

LOOP STAGE 01

Creator Authenticates

A photographer uploads an image. They receive a verified badge, a public verification URL, and an embeddable HTML snippet. They put the verification link in their portfolio, their licensing agreements, their social captions. Every piece of content they publish carries the ProofMark verification link.

LOOP STAGE 02

Audience Verifies — Free

A news editor clicks the verification URL. They land on a branded ProofMark page showing: hash match (content unchanged), ECDSA signature valid (authentic signer), RFC 3161 timestamp (existed at time T), C2PA manifest (provenance chain). Zero friction. No account required. The editor bookmarks ProofMark.

LOOP STAGE 03

Verifier Becomes Creator

The news editor wants to certify their own published images before competitors steal and recontextualize them. They sign up for a Pro account. The brand whose ad was deepfaked wants enterprise verification for all AI-generated creative. Every verification event is an acquisition touchpoint.

Viral Coefficient Analysis

Each ProofMark Pro subscriber publishes ~47 ProofMark-linked content pieces per month. Each piece generates an estimated 12 verification page views (social sharing, editorial review, licensing checks). At a 2% verifier-to-subscriber conversion rate: 47 × 12 × 0.02 = 11.3 subscriber referrals per Pro user per month. At churn = 4%/month and k-factor ≥ 1.05, growth is self-sustaining without paid acquisition beyond 500 initial subscribers.

Technology Stack

Minimal, fast, production-grade infrastructure

BACKEND — CRYPTOGRAPHIC PROCESSING

Python + FastAPI Core

  • FastAPI (Python 3.12) — async file processing, streaming SHA-256 via hashlib
  • python-ecdsa — secp256k1 ECDSA sign/verify with RFC 6979 deterministic nonces
  • rfc3161ng — RFC 3161 TSA client, DigiCert + Entrust endpoints
  • merkle-py — binary Merkle tree construction, proof generation
  • python-c2pa — C2PA manifest assembly, JUMBF container embedding
  • PostgreSQL + Supabase — immutable proof records, RLS, public verification API
FRONTEND + INFRASTRUCTURE

Next.js + Vercel Edge

  • Next.js 14 — creator dashboard, upload interface, public verification pages
  • Vercel Edge — global CDN, <50ms verification page response globally
  • Stripe — subscription billing, usage-based metering for API customers
  • DigiCert TSA — legal-grade RFC 3161 timestamp authority, primary
  • Cloudflare R2 — optional original file storage at $0.015/GB/month
  • Resend — transactional email: proof receipts, verification alerts, billing

Pricing Model

Free verification. Paid authentication.

Verification is always free — it powers the viral engine. Authentication is where revenue lives. Simple tiers with defensible per-unit economics.

Free
$0
forever
  • Unlimited public verification
  • 5 proofs per month
  • SHA-256 + RFC 3161 timestamp
  • Public verification page
  • ProofMark badge (with watermark)
Get Started
Creator
$9
/month
  • 100 proofs per month
  • ECDSA digital signature
  • RFC 3161 legal timestamp
  • Custom verification page
  • API access — 100 calls/month
  • PDF certificate export
Start Free Trial
Pro
$29
/month
  • 1,000 proofs per month
  • Merkle batch mode
  • C2PA manifest generation
  • White-label verification page
  • API — 10K calls/month
  • Webhook delivery
  • Priority DigiCert TSA (legal grade)
Start Free Trial
Enterprise
$99
/month
  • Unlimited proofs
  • Custom TSA integration
  • Dedicated Merkle anchoring
  • HSM key storage option
  • 99.9% SLA + on-call support
  • SSO + team management
  • EU AI Act compliance report
Contact Sales

Revenue Projections

Conservative path to $1.4M ARR

Milestone Subscribers Avg MRR/User Monthly Revenue
Month 1 — Launch50$14$700
Month 2150$15$2,250
Month 3350$18$6,300
Month 6900$22$19,800
Month 92,000$25$50,000
Month 124,200$28$117,600
ARR at Month 12$1,411,200
UNIT ECONOMICS

Why the Margins Are Extraordinary

TSA cost per proof (Merkle batched) $0.0000001
Storage cost per proof record $0.0001
Revenue per proof (Pro tier) $0.029
Gross margin on core service 96.4%
CAC — viral/organic acquisition $0 – $12
LTV at 18-month retention $522
LTV : CAC ratio 43 : 1

MVP Budget

$15K to launch — 2 to 3 weeks of engineering

ItemTypeCost
Engineering (120h @ $100/h)One-time$12,000
DigiCert TSA (legal-grade RFC 3161)Monthly$89/mo
Supabase ProMonthly$25/mo
Vercel ProMonthly$20/mo
Cloudflare R2 storageUsage~$30/mo
Stripe processing (2.9% + $0.30)Revenue %~$87/mo @ $3K MRR
Domain + SSL certificateOne-time$50
Total MVP Launch Cost~$15,000
Why This Builds Fast

ProofMark requires no ML models, no GPU compute, and no proprietary data. The cryptographic primitives are mature open-source libraries with decade-long production histories. The hardest engineering problems — streaming SHA-256 and RFC 3161 client — are solved problems. Two engineers, three weeks, production-ready.

Defensible Moat

The cryptographic technology is replicable. The moat is network effects: verified creators who embed ProofMark verification URLs in their published work, editorial and legal workflows that adopt ProofMark verification as standard practice, and C2PA ecosystem positioning as an independent certification authority. First-mover advantage in independent content certification is winner-take-most.

NEXI — CONFIDENTIAL  |  INTERNAL USE ONLY  |  NOT FOR DISTRIBUTION