
Sign It — frequently asked

When should I sign — before or after I publish?

Before you publish, ideally. Signatures are timestamped, so signing before the work goes online gives you the earliest possible record that it's yours — the strongest footing if it's ever copied or contested.

That said, it's still well worth signing work that's already out there. Because Sign It uses perceptual matching, your signature isn't bound to one exact file: sign your original and the copies already circulating on social media — resized, recompressed, re-uploaded — can still be matched back to it. Someone who downloads the version doing the rounds and verifies it will see your signature. Earlier is better, but signing late beats not signing at all.

What can I declare about my work?

Quite a lot — and it all travels with the signature as public, machine-readable terms anyone can check. When you sign you can declare:
Licence — how others may use the work (a Creative Commons licence, or your own terms).
AI training — explicitly allow or deny use of your work to train AI; pipelines can read this before they ingest it.
Commercial use — whether the work is available for commercial licensing.
Contact — let people reach you about licensing through a private relay, without exposing your email.
AI-use disclosure — state whether the work is human-made, AI-assisted, or AI-generated.
You can also add an optional note and a signing intent (authorship, approval, witness, and so on). It's all optional — sign with as much or as little as you like — and anything you declare is published with the signature for a buyer, a platform, or an AI pipeline to read.

How do I know I can trust Sign It — what does "verifiable, not trust me" mean?

"Trust me" is exactly what a provenance tool shouldn't ask for. You don't have to take our word for any of this — here's why:

The proof doesn't live on a Flowsta server. Every signature — the file's SHA-256 hash, your Ed25519 signature over it, the timestamp, and the declared content rights — is written to a public Holochain DHT and replicated across many independent nodes. There's no central database we could quietly edit, lose, or be compelled to hand over.

The code that creates and checks signatures is open source. Flowsta Vault is MIT-licensed and public, and all three Holochain DNAs Flowsta runs are Apache-2.0 and public:
flowsta-signing-dna — the Sign It signing logic (Ed25519 over file hashes)
flowsta-identity-dna — public profiles and DID resolution
flowsta-private-dna — your encrypted private data
Those exact DNAs are bundled inside the open-source Flowsta Vault, so you can read the source, build it yourself, and confirm the same DNA — identified by its content hash — is what actually runs.

You hold the keys. Your signing key is derived from your 24-word recovery phrase (HMAC-SHA256 → Ed25519) and lives in Vault on your own device — never on our servers. Only the holder of that key can sign as you, and only you can export it.

No lock-in. You can export your keys and your data at any time and keep using them on any compatible Holochain conductor. User data portability isn't a feature we chose to be nice — it's a core requirement of the Cryptographic Autonomy Licence that Holochain itself is released under.

Anyone can verify — no account. Verification is free, open, and needs no login: drop a file on the verify page or query the public API. (Our hosted web API is just a convenience layer for the website — it isn't where your proof lives, and the open-source Vault reads and writes the same network without us in the middle.)

How does perceptual / similar-file detection work?

Cryptographic hashing (SHA-256) changes completely if even a single byte changes — perfect for proving an exact file, useless for finding edited copies. Perceptual hashing is the opposite: it produces a fingerprint of what the content looks or sounds like, so near-duplicates produce near-identical fingerprints.

When you sign a supported file, Sign It computes that fingerprint and stores it on the Holochain DHT next to your signature. The fingerprint is split into smaller bands (buckets) so a verifier can pull candidate matches that share any band without scanning the whole network, then rank them by how close the full fingerprints are — a Hamming-distance similarity score, which is the "Similar (87%)" figure you see on a fuzzy match.

By media type: images use pHash, a DCT-based perceptual hash robust to resizing, recompression, format conversion and small colour/brightness shifts; audio uses Chromaprint, the open-source acoustic fingerprint behind AcoustID (the same kind of matching Shazam made familiar), so a re-encode, bitrate change or format swap still matches; video is handled by sampling frames and perceptually hashing each one, so a match is scored across the sampled frames rather than on any single frame.

What survives: resizing, cropping (within reason), recompression, re-encoding, format conversion and minor edits. What won't: heavy re-composition, very aggressive crops, or content changed beyond recognition — at that point it isn't really your file any more.
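As an added illustration of the image path just described (example code, not Flowsta's or the flowsta-signing-dna's own), here is a Go implementation of the three pieces: a DCT-based pHash over a 32x32 greyscale thumbnail, the 64-bit hash split into bands for bucket lookup, and a Hamming-distance similarity percentage. The thumbnail is constructed rather than decoded from a real image, and the similarity formula ((64 - distance) / 64) and the four-band split are this example's assumptions. It goes one step beyond the text by showing why a brightness or contrast change leaves the hash untouched: the DC coefficient is dropped and every other bit is a comparison against the median of the rest, so an offset or gain applied to every pixel cancels out.

```go
package main

import (
	"fmt"
	"math"
	"math/bits"
	"sort"
)

const side = 32 // pHash works on a 32x32 greyscale thumbnail; float64 so brightness/contrast changes below are exact
type Image [side * side]float64

// PHash: unnormalised 2D DCT-II (as in common pHash implementations), keep the 8x8
// lowest-frequency block, drop DC (it only encodes mean brightness), then set bit u*8+v
// for every coefficient above the median of the remaining 63.
func PHash(img *Image) uint64 {
	var low [64]float64
	for u := 0; u < 8; u++ {
		for v := 0; v < 8; v++ {
			for x := 0; x < side; x++ {
				cx := math.Cos(float64((2*x+1)*u) * math.Pi / (2 * side))
				for y := 0; y < side; y++ {
					low[u*8+v] += img[x*side+y] * cx * math.Cos(float64((2*y+1)*v)*math.Pi/(2*side))
				}
			}
		}
	}
	ac := append([]float64(nil), low[1:]...) // the 63 AC coefficients
	sort.Float64s(ac)
	median := ac[31]
	var h uint64
	for i := 1; i < 64; i++ { // bit 0 is DC and stays clear
		if low[i] > median {
			h |= 1 << i
		}
	}
	return h
}

// Similarity is the percentage shown on a fuzzy match. ASSUMPTION: (64 - Hamming distance) / 64.
func Similarity(a, b uint64) int { return (64 - bits.OnesCount64(a^b)) * 100 / 64 }

// BandKeys splits a hash into four 16-bit bands (ASSUMED width); a copy differing in a few bits almost always still shares a whole band.
func BandKeys(h uint64) [4]uint16 {
	return [4]uint16{uint16(h), uint16(h >> 16), uint16(h >> 32), uint16(h >> 48)}
}

// Index stands in for the DHT-side buckets: key = band number and band value, value = hashes stored there.
type Index map[uint32][]uint64

func bucket(band int, val uint16) uint32 { return uint32(band)<<16 | uint32(val) }

func (ix Index) Add(h uint64) {
	for band, val := range BandKeys(h) {
		ix[bucket(band, val)] = append(ix[bucket(band, val)], h)
	}
}

// Candidates returns every stored hash sharing at least one band with h, best match first, without a full scan.
func (ix Index) Candidates(h uint64) []uint64 {
	seen := map[uint64]bool{}
	var out []uint64
	for band, val := range BandKeys(h) {
		for _, c := range ix[bucket(band, val)] {
			if !seen[c] {
				seen[c] = true
				out = append(out, c)
			}
		}
	}
	sort.Slice(out, func(i, j int) bool { return Similarity(h, out[i]) > Similarity(h, out[j]) })
	return out
}

// SampleImage is a constructed thumbnail: a smooth pattern (phase from seed) plus deterministic LCG noise, so all DCT coefficients differ and the median comparison has no ties.
func SampleImage(seed uint32) *Image {
	var img Image
	s := seed
	for i := range img {
		s = s*1664525 + 1013904223
		x, y := float64(i/side), float64(i%side)
		img[i] = 110 + 50*math.Sin(x/5+float64(seed)) + 30*math.Cos(y/7+0.7*float64(seed)) + float64((s>>16)%41) - 20
	}
	return &img
}

// Adjust applies a brightness (offset) or contrast (gain) change: gain*px + offset.
func Adjust(img *Image, gain, offset float64) *Image {
	out := *img
	for i := range out {
		out[i] = gain*out[i] + offset
	}
	return &out
}

func main() {
	orig, ix := SampleImage(1), Index{}
	ix.Add(PHash(orig))
	for name, q := range map[string]*Image{"brightened": Adjust(orig, 1, 30), "contrast": Adjust(orig, 1.2, 0), "unrelated": SampleImage(2)} {
		fmt.Printf("%-10s similar=%d%% candidates=%x\n", name, Similarity(PHash(orig), PHash(q)), ix.Candidates(PHash(q)))
	}
}
```

Run it and the brightened and contrast-adjusted copies score 100% and land in the same buckets as the original, while the unrelated thumbnail scores around 50% and (almost always) shares no band at all, so it is never even pulled as a candidate. In a real pipeline the thumbnail comes from decoding the image and resizing it to 32x32, and that resize is the step that absorbs the resizing and recompression the FAQ lists.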

Privacy: during verification, your file is sent to the server only when there's no exact SHA-256 match, purely to compute the fingerprint, and is discarded as soon as that's done. The bytes are never stored. Signing in Flowsta Vault happens entirely on your own machine.

Is what I sign public? Who can see it?

Signing is public by design — that's what makes it useful as proof. What goes on the network is the file's hash, your signature, a timestamp, your public identity, and any rights you declared. Your signatures also appear on your public creator page, which doubles as a verifiable portfolio of your work.

What stays private: the file itself is never published. Only its hash (and, for images, audio and video, a perceptual fingerprint) goes on the network, so the contents aren't exposed. The one time file bytes reach a Flowsta server is a verification with no exact match, when they're fingerprinted and immediately discarded; signing in Flowsta Vault happens entirely on your machine. Your email isn't exposed either: people can only reach you through the optional contact relay, and only if you turn it on. And signing is always your choice. If you'd rather a piece not be publicly tied to you, simply don't sign it.

What if someone signs my work before I do?

Sign It records who signed what, and when — it doesn't gatekeep who's allowed to sign a given file, so in principle anyone could sign a copy of your work. What protects you is that every signature is public, timestamped, and tied to an identity, so anyone verifying sees the whole picture rather than a single unchallenged claim.

If you signed first, that earlier timestamp is strong evidence of priority. Strictly, a signature proves that this identity had this exact file by that time, not who created it, which is exactly why the earliest signature from a profile with a track record is what carries weight. You can also add your own signature even when someone else got one in first (both show up together), and an established creator profile with a signing history counts for more than a throwaway identity. It's the clearest reason to sign early: the earliest, identity-backed signature is the one that holds up.

Where do I sign — flowsta.com or Flowsta Vault?

Either — both produce the same signatures on the same network, under the same identity.
The flowsta.com dashboard — sign straight from your browser, nothing to install. Your file is hashed locally before anything is sent. Great for everyday files.
Flowsta Vault (the open-source desktop app for Linux, macOS and Windows) — signs entirely on your machine, handles large files (up to 10 GB), lets you right-click a file in your file manager to sign it, and works offline. Best for big media like RAWs, video and audio, and for keeping everything local.
Your recovery phrase works across both, so you can switch freely.

How do I verify a file or signature?

Verifying is free, open, and needs no account.

Check a file — drop any file on the verify page. It's hashed in your browser and matched against the network; if there's no exact match, perceptual matching looks for edited copies. You'll see who signed it, when, and the rights they declared.

Browse a creator — every signer has a public profile at flowsta.com/<username> that lists everything they've signed, so you can check a piece against their verifiable portfolio in one place.

Verify in code — developers and AI companies can check signatures programmatically through the free, unauthenticated API:
GET https://auth-api.flowsta.com/api/v1/sign-it/verify?hash=<sha256>
It returns the matching signatures and declared content rights as JSON — no key, no account. Full reference in the Sign It API docs.

What does it cost?

Verifying is always free and needs no account.

Signing comes with a monthly allowance of signatures that resets on your billing date:
Free — 2 signatures per month.
Premium ($10/month or $100/year) — 100 signatures per month, plus shorter usernames and priority support.
Premium Plus ($50/month or $500/year) — 1,000 signatures per month, and a 5-character username included.
Full details on the Premium page.

Building signing into your own app or product? You can add Sign It through the Flowsta API and SDK, with its own plans and higher volumes — see dev.flowsta.com for pricing and docs.

Is my file uploaded when I verify?

Your file is hashed in your browser with SHA-256, and we look for an exact match using just that hash. If no exact match is found, the file is briefly sent to our server to compute a perceptual fingerprint (which finds resized, cropped, or recompressed copies of signed work), then immediately discarded. The bytes of your file are never stored.

Where are signatures stored?

On a public Holochain DHT — a distributed store maintained by a network of independent nodes, not a database Flowsta owns. When you sign, the record is written to your own append-only source chain and then published to the DHT, where other nodes validate it against the signing rules and replicate it.

Each record holds the file's SHA-256 hash, your Ed25519 signature over that hash, your public key, a timestamp, and anything optional you added — content rights, AI-use disclosure, and a perceptual fingerprint for similar-file matching. The file itself is never part of it; only its hash.

Flowsta runs signing nodes in Iowa, Europe and Singapore, and every copy of the open-source Flowsta Vault runs a Holochain node too — so the signing data is replicated across Flowsta's regions and across community members' own computers. There's no single server that could be quietly edited or taken down. And because the records are public, anyone can verify them, including straight from the open-source Flowsta Vault without going through us.

Why not blockchain?

No gas fees, no per-transaction cost, no token speculation, and no proof-of-work energy footprint. Holochain is agent-centric (each user has their own chain), so the cost of an action is effectively zero. We didn't want signing your own work to require buying crypto.

What is Holochain, and how does Flowsta use it?

What it is: Holochain is a framework for building peer-to-peer apps without a blockchain. Instead of one global chain that every transaction competes to write to, it's agent-centric: each participant keeps their own append-only source chain of actions, signed with their own keys. When an action needs to be shared, it's published to a DHT (a distributed hash table) where other nodes independently validate it against the app's rules and replicate it. There's no mining, no global consensus race, no gas, and no token — validation is just peers checking each other's work, so an action costs little more than bandwidth. (More at holochain.org.)

How Flowsta uses it: Flowsta runs three Holochain apps (DNAs), all open source:
Signing — powers Sign It: your Ed25519 signature over a file's hash, plus declared content rights, on a public DHT.
Identity — public profiles and decentralized identifiers.
Private — your own encrypted data (email, recovery, 2FA) that only you can decrypt.
Flowsta Vault — the open-source desktop app — runs a Holochain conductor right on your machine: it holds your keys, signs locally, and talks to Flowsta's network nodes over Iroh, the QUIC-based networking Holochain 0.6 uses. And because Holochain itself is released under the Cryptographic Autonomy Licence, which requires that users keep control of their own keys and data, you can always export yours and run them on any compatible conductor: that portability is required, not a favour.

How is Sign It different from NFTs?

With NFTs you mint a token on a public blockchain, the token is the thing you own, and the file itself usually lives somewhere else — a URL, an IPFS hash.

Sign It comes at it from the other end. When you sign a file, the hash, your signature, and a timestamp go on a public Holochain DHT. The file never has to leave your device — no IPFS, no public mirror, nothing. That record alone is a strong cryptographic claim: "this person made this, on this date, before anyone else" (strictly: this identity held this exact file on that date, earlier than any other signature on it). Which is what ownership actually means before trading gets layered on top.

Sign It also uses perceptual hashing alongside cryptographic hashing, which means modification doesn't break the proof. If someone takes your image and crops it, re-encodes it, or trims and remixes your audio and tries to claim it as theirs, your original signature can still be matched against the derivative.

NFTs went straight at tradeability. Sign It is built around proving you made something first — which is why the right time to sign something is before anything goes online, not after.

What about forensic watermarking — can those invisible watermarks be defeated?

Forensic (or "invisible") watermarking hides a robust mark inside the pixels or audio of a file — services like Digimarc and Imatag sell it to trace where a copy came from, even after cropping or recompression. It raises the bar against casual reuse, but it's worth being straight: those marks can be removed or defeated, and the more determined the adversary, the likelier they are to succeed.

Collusion attacks. The whole idea is that the same image carries a different mark on each channel (Getty, iStock, Adobe…) so a leak can be traced to its source. But anyone who obtains two or more of those copies can compare and average them to estimate and strip the per-copy mark. The very thing that makes tracing possible — multiple marked copies in circulation — is what makes removal possible. Anti-collusion schemes (Tardos codes) exist, but they need many copies and longer marks, and still have limits.

AI regeneration. Passing an image through a diffusion or img2img model, or a purpose-built watermark remover, reconstructs a perceptually identical image with the mark gone. Strong denoisers and aggressive geometric distortion also desynchronise many detectors, and these removal techniques have improved dramatically in the last couple of years.

You're tied to their detector. The mark lives in the pixels, and only the vendor's proprietary detector can read it — so if they change terms, raise prices, or shut down, your ability to trace goes with them. And it only ever confirms its own mark, not that a given file is genuinely your original work.

Why Sign It is on firmer ground. Sign It embeds nothing in your file, so there's nothing to strip. The proof (a hash of your file plus your signature and timestamp) lives on the network, and a perceptual fingerprint matches edited copies back to your original. Perceptual matching has the limits described above, so a copy edited beyond recognition won't match, but nothing an attacker does to a copy can touch the signed record itself. Proving a recovered file is yours, which is the evidence that actually backs a takedown or a claim, is durable in a way an embedded mark can't be. The one thing watermarking promises that nothing can reliably deliver is pinpointing which channel a copy leaked from, so be wary of anyone who guarantees it.

Do I need to sign my music before distribution — and how does Sign It work with CD Baby, DistroKid and other distributors?

No — you don't have to sign before distribution, though there's a small advantage to doing it early. Signatures are timestamped, so signing before your work goes out gives you the earliest possible record that it's yours — the strongest footing if it's ever sampled, scraped or contested. But it isn't a requirement: Sign It matches on the content itself, not an exact file, so you can sign work that's already on the platforms and copies in the wild — re-encoded, compressed, format-swapped — still trace back to your original. Earlier is better; later still works.

Sign It sits alongside your distributor, not instead of it. Services like CD Baby, DistroKid and TuneCore get your music onto streaming platforms and make sure the royalties find you, and the metadata they add is about tracking plays and payments. Sign It isn't a distributor and doesn't collect royalties — keep using your distributor for that. What Sign It adds is proof that the work is yours, and the terms you set for it, independent of any platform. Because the proof lives on a public network rather than inside the file, it survives the re-encoding and metadata-stripping that happens as your work moves through a distributor, a streaming service and everywhere else — which is exactly where a distributor's embedded metadata tends to get lost.

The part most worth it for a musician right now is the rights side: when you sign, you can publicly declare how your work may be used — including a clear allow or deny on AI training — as a machine-readable claim anyone, including AI companies, can check. That's something distributor metadata and streaming platforms don't state for you.

So the simplest way to picture it: sign your masters with Sign It, ideally around the time you send them to your distributor, then distribute exactly as you do now. One proves it's yours and sets your terms; the other gets it heard and paid — they sit side by side.

Do I need to set up a recovery phrase — and what if I lose it?

Yes — and it's the one thing only you can do. Flowsta doesn't create your recovery phrase automatically: you generate it yourself from your Flowsta dashboard soon after signing up (we'll keep reminding you until you do), and it's shown only once. Those 24 words are the master key to your identity — every signing key is derived from them — so set it up early and store it safely.

Because Flowsta never holds your phrase (the only copy is the one you wrote down), there's no email or password reset to fall back on. If you lose it, or never set one up and then forget your password, that identity can't be recovered. Your keys, your data; not your keys, not your data.

The upside of holding it yourself: you're not tied to one device. As long as you have the phrase you can restore your identity — and keep signing as the same you — on a new machine or a fresh Flowsta Vault install just by entering it. Anything you've already signed stays valid and publicly verifiable no matter what, since those records already live on the network.

Treat it like the master key it is: write it down, store it offline in more than one safe place, and never paste it into a website or hand it to anyone.

What file types are supported?

Any file. Sign It works on the SHA-256 hash, so it doesn't care if it's an image, video, PDF, .zip, source code, or anything else. Perceptual hashing (for similar-file detection) currently covers images, audio and video.

What's the cryptography under the hood?

Ed25519 signatures (the same scheme OpenSSH, Signal and Holochain itself use). Keys are derived from your 24-word recovery phrase with HMAC-SHA256, and that output seeds the Ed25519 key pair. Vault holds your private key; the public key is your identity on the network. What gets signed is the file's SHA-256 hash, never the file itself.

Can someone fake my signature?

Only if they have your private key (or your recovery phrase, which regenerates it). A signature is cryptographically tied to your public key: anyone who has that public key can verify signatures made with the matching private key, but only its holder can create new ones. A verifier therefore checks the signature against the signer's published key, not against a display name.
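To make the three answers above concrete (the phrase-to-key derivation, the Ed25519 signature over the file's SHA-256, and why a forged or tampered record fails), here is an added Go example using the standard library's crypto/ed25519; it is not Flowsta Vault's code. The HMAC layout (phrase as HMAC key, a fixed label "flowsta-sign-it" as message) and the hex-encoded record fields are this example's assumptions, since the page says only that the key is HMAC-SHA256-derived and that the signature covers the file's SHA-256. The phrase and file bytes are constructed. Note the wrong-length key check in Verify: a public verifier accepts records from anyone, so it must reject malformed input rather than panic.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// DeriveKey turns the recovery phrase into an Ed25519 key pair. The FAQ says only
// "HMAC-SHA256 -> Ed25519"; using the phrase as the HMAC key and a fixed label as the
// message is this example's ASSUMPTION, not Flowsta's documented derivation. What does
// carry over: the derivation is deterministic, so the same phrase on a new device
// reproduces the same identity, and whoever holds the phrase holds the key.
func DeriveKey(phrase, label string) ed25519.PrivateKey {
	mac := hmac.New(sha256.New, []byte(phrase))
	mac.Write([]byte(label))
	return ed25519.NewKeyFromSeed(mac.Sum(nil)) // 32 bytes == ed25519.SeedSize
}

// Record carries the fields the FAQ lists for a signature on the DHT, hex-encoded. Only the
// SHA-256 of the file is signed; the timestamp is kept as metadata because the page does
// not say whether the signature also covers it.
type Record struct {
	FileHash  string
	PublicKey string
	Signature string
	Timestamp string
}

// Sign hashes the file and signs the digest, never the file bytes themselves.
func Sign(priv ed25519.PrivateKey, file []byte, timestamp string) Record {
	digest := sha256.Sum256(file)
	return Record{
		FileHash:  hex.EncodeToString(digest[:]),
		PublicKey: hex.EncodeToString(priv.Public().(ed25519.PublicKey)),
		Signature: hex.EncodeToString(ed25519.Sign(priv, digest[:])),
		Timestamp: timestamp,
	}
}

// Verify is what a verifier (verify page, Vault, or an API client) does: re-hash the file it
// was handed, require that hash to be the one in the record, then check the Ed25519 signature
// under the public key the record names. Malformed input is a rejection, never a panic:
// ed25519.Verify panics on a wrong-length key, and records come from untrusted parties.
func Verify(rec Record, file []byte) bool {
	digest := sha256.Sum256(file)
	recHash, err1 := hex.DecodeString(rec.FileHash)
	pub, err2 := hex.DecodeString(rec.PublicKey)
	sig, err3 := hex.DecodeString(rec.Signature)
	if err1 != nil || err2 != nil || err3 != nil || len(pub) != ed25519.PublicKeySize {
		return false
	}
	return bytes.Equal(recHash, digest[:]) && ed25519.Verify(ed25519.PublicKey(pub), digest[:], sig)
}

func main() {
	const phrase = "constructed phrase standing in for twenty four real words" // constructed, not a real key
	priv := DeriveKey(phrase, "flowsta-sign-it")
	file := []byte("constructed sample file contents") // constructed input
	rec := Sign(priv, file, "2025-01-01T00:00:00Z")
	fmt.Printf("record: %+v\n", rec)

	tampered := append([]byte(nil), file...)
	tampered[0] ^= 0x01 // one bit of the file changed: the SHA-256 no longer matches
	forged := Sign(DeriveKey("some other phrase", "flowsta-sign-it"), file, rec.Timestamp)
	forged.PublicKey = rec.PublicKey // forger pastes in the victim's public key
	fmt.Println("original verifies:", Verify(rec, file))     // true
	fmt.Println("tampered verifies:", Verify(rec, tampered)) // false
	fmt.Println("forged verifies:  ", Verify(forged, file))  // false
	fmt.Println("same phrase, same identity:", Sign(DeriveKey(phrase, "flowsta-sign-it"), file, "").PublicKey == rec.PublicKey) // true
}
```

The forged record is the "fake my signature" case: the attacker can produce a perfectly valid Ed25519 signature with their own key, but the moment they claim your public key the check fails, and the only way to pass it is to hold your private key or the phrase it derives from.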

Can I revoke a signature?

Yes. Revocation is a separate signed entry that any verifier sees alongside the original. Useful if you signed something by mistake, or if you withdraw consent. The original signature stays visible — revocation is a public statement, not a deletion.

Can I amend my signature?

Yes. Amending re-signs the same file with updated details — change your declared content rights, update your AI-use disclosure, or add a note — and creates a new signature that supersedes the previous one.

Nothing is deleted: the original stays permanently on the network, and the new version links back to it, so the full edit history is public. By default, verification shows the latest version; anyone can expand the history to see exactly what changed between versions.

Amending is different from revoking — revoking withdraws a signature, while amending replaces it with an updated version. Amendments count toward your monthly signing quota.
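The amend-and-revoke model the two answers above describe, as an added Go example that is not the flowsta-signing-dna's code: an append-only ledger in which an amendment links back to the version it supersedes, a revocation is a separate entry, and a verifier resolves the latest version by default while keeping the full history available. Entry and field names are this example's own. Two rules are assumptions worth stating: only the original signer may amend or revoke their own entry, and a revocation of any version in the chain marks the whole claim revoked (failing closed). The ledger also refuses forks, so that each signer has exactly one linear history per file.

```go
package main

import (
	"errors"
	"fmt"
)

// Kind of public entry. The FAQ describes three: the original signature, an amendment that
// supersedes an earlier version, and a revocation that withdraws one. Names are this example's.
type Kind int

const (
	Original Kind = iota
	Amendment
	Revocation
)

type Entry struct {
	ID        string
	Kind      Kind
	Signer    string            // public identity of the signer
	FileHash  string            // SHA-256 of the file
	Target    string            // Amendment/Revocation: ID of the entry it supersedes or revokes
	Rights    map[string]string // declared terms, e.g. ai_training: NotAllowed
	Timestamp int
}

// Ledger is append-only: nothing is ever overwritten or removed ("nothing is deleted").
type Ledger struct{ entries map[string]Entry }

func NewLedger() *Ledger { return &Ledger{entries: map[string]Entry{}} }

// Append admits an entry only if it replaces nothing, keeps one linear chain per signer and
// file, and (for an amendment or revocation) acts on that same signer's own entry.
// ASSUMPTION: these are the rules a signing DNA would validate; the page only says entries are signed.
func (l *Ledger) Append(e Entry) error {
	if _, dup := l.entries[e.ID]; dup {
		return errors.New("entry ID already exists; the ledger is append-only")
	}
	for _, x := range l.entries {
		if x.Signer != e.Signer || x.FileHash != e.FileHash {
			continue
		}
		if e.Kind == Original && x.Kind == Original {
			return errors.New("already signed by this identity; amend instead of re-signing")
		}
		if e.Kind == Amendment && x.Kind == Amendment && x.Target == e.Target {
			return errors.New("that version is already superseded; amend the latest version")
		}
	}
	if e.Kind != Original {
		t, ok := l.entries[e.Target]
		if !ok || t.Signer != e.Signer || t.FileHash != e.FileHash || t.Kind == Revocation {
			return errors.New("amendment/revocation must target the same signer's own entry for the same file")
		}
	}
	l.entries[e.ID] = e
	return nil
}

// View is what a verifier shows: the latest version by default, the history on request,
// and whether the claim has been revoked.
type View struct {
	Latest  Entry
	History []Entry // oldest first
	Revoked bool
}

// Resolve walks from the original entry along the amendment links for one signer and file.
// ASSUMPTION (fail closed): a revocation of any version in the chain revokes the whole claim.
func (l *Ledger) Resolve(signer, fileHash string) (View, bool) {
	successor := map[string]string{} // superseded ID -> amendment ID
	revoked := map[string]bool{}
	var originalID string
	for id, e := range l.entries {
		if e.Signer != signer || e.FileHash != fileHash {
			continue
		}
		switch e.Kind {
		case Original:
			originalID = id
		case Amendment:
			successor[e.Target] = id
		case Revocation:
			revoked[e.Target] = true
		}
	}
	if originalID == "" {
		return View{}, false
	}
	var v View
	for id := originalID; id != ""; id = successor[id] {
		v.History = append(v.History, l.entries[id])
		v.Revoked = v.Revoked || revoked[id]
	}
	v.Latest = v.History[len(v.History)-1]
	return v, true
}

func main() {
	l := NewLedger()
	l.Append(Entry{ID: "s1", Kind: Original, Signer: "alice", FileHash: "h1", Rights: map[string]string{"ai_training": "Allowed"}, Timestamp: 1})
	l.Append(Entry{ID: "s2", Kind: Amendment, Signer: "alice", FileHash: "h1", Target: "s1", Rights: map[string]string{"ai_training": "NotAllowed"}, Timestamp: 2})
	v, _ := l.Resolve("alice", "h1")
	fmt.Printf("latest=%s rights=%v versions=%d revoked=%v\n", v.Latest.ID, v.Latest.Rights, len(v.History), v.Revoked)
	fmt.Println("mallory revoking alice's entry:", l.Append(Entry{ID: "x", Kind: Revocation, Signer: "mallory", FileHash: "h1", Target: "s2"}))
	l.Append(Entry{ID: "r1", Kind: Revocation, Signer: "alice", FileHash: "h1", Target: "s1", Timestamp: 3})
	v, _ = l.Resolve("alice", "h1")
	fmt.Printf("after revocation: versions=%d revoked=%v\n", len(v.History), v.Revoked)
}
```

The design point to take away is that the verifier never relies on anything being deleted: a revocation or an amendment changes what Resolve reports as current, but every earlier entry stays in the ledger and in the returned History, which is what lets anyone audit the edit trail.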

Can I show a signature badge on my own website?

Yes. Drop this two-line snippet into any page, replacing the hash with your file's SHA-256:

<div data-flowsta-hash="abc123..."></div>
<script src="https://flowsta.com/sign-it/widget.js" async></script>
It renders a card showing signer, timestamp, and content rights. Light and dark themes auto-detect. Full reference: Badge & Widget docs.

How do AI training pipelines check a file's rights?

Any signed file exposes a machine-readable rights endpoint:

GET https://auth-api.flowsta.com/api/v1/sign-it/content-rights?hash=<sha256>
It returns the signer-declared license, AI-training policy, commercial-licensing stance, and contact preference as JSON. If the signer set ai_training: NotAllowed, pipelines should skip the file. Most restrictive policy wins when multiple signers disagree. Note that this lookup is by exact SHA-256: a re-encoded or resized copy has a different hash, so a pipeline that ingests transformed files also needs the perceptual-match path described above to find the original's declaration. Full spec: Content Rights API.