How it works, why it works, where it doesn't.
Technical deep-dives on the cryptography, the watermarking algorithms, and the audit findings that shape what receipts.you actually does. No marketing fluff, no roadmap teasers — just the math and the code, with the empirical numbers attached.
Posts
- 2026-05-25
Can someone fake a screenshot? Yes — and here's how to tell.
Faking takes fifteen seconds. Detection is hard. Provenance is the way out. The honest landscape in 2026 — what each category of tool actually does, and what doesn't.
8 min read · provenance · verification · fakes - 2026-05-25
How to prove a deleted tweet existed
Four-step workflow: capture, archive, seal, verify. Each layer covers a failure mode the others don't. Honest about tradeoffs at every layer.
7 min read · workflow · social media · evidence - 2026-05-25
How to tell if a screenshot is real
Cryptographic verification when available. Heuristics when not. The four-step newsroom protocol for screenshot-based stories. The defensible posture in 2026.
9 min read · verification · journalism · forensics - 2026-05-25
EXIF metadata isn't proof
EXIF is editable in fifteen seconds with free tools. Forensic examiners ignore it. Here's exactly how editable it is and what to use instead.
6 min read · forensics · metadata · evidence - 2026-05-25
Why C2PA doesn't solve screenshots
C2PA is well-engineered camera-side provenance. The screenshot use case structurally doesn't fit. Here's why, and what fills the gap.
8 min read · standards · C2PA · provenance - 2026-05-25
What does an OpenTimestamps anchor actually prove?
OpenTimestamps commits a hash into a Bitcoin transaction. The plain-language explanation of how that works, what it proves, and where its guarantees stop.
6 min read · cryptography · OpenTimestamps · Bitcoin - 2026-05-25
Perceptual hashing for the curious: pHash, dHash, and the verdict ladder
Why we AND-gate two perceptual hashes. The four-tier verdict ladder with empirical thresholds. The recompression-resilient layer that survives Twitter and WhatsApp.
7 min read · cryptography · perceptual hashing · verification - 2026-05-25
How to seal a screenshot for court (the FRE 901 walkthrough)
FRE 901 authentication walkthrough for sealed screenshot evidence. What to bring; what to expect; what the cryptography buys you in front of a judge.
7 min read · legal · FRE 901 · court - 2026-05-25
Browser-side SHA-256: how WebCrypto makes the privacy story work
Six lines of WebCrypto code is the whole privacy story. Here's the code, and how to verify in DevTools that the image actually never leaves your browser.
6 min read · privacy · WebCrypto · architecture - 2026-05-25
The economics of free: how receipts.you survives on Cloudflare's free tier
Hash-only architecture + edge compute + free-tier storage = ~$0/month operating cost. The structural reasons, and what they imply for long-term sustainability.
6 min read · operations · sustainability - 2026-05-25
How to verify a receipt offline with openssl
Five-command recipe to verify any receipts.you receipt without our servers. The cryptographic guarantee outlives us; this is how you exercise it.
5 min read · cryptography · verification · openssl - 2026-05-25
The receipt's threat model, explicitly
What attacks a receipt defeats, what it doesn't, and where the boundary sits. The honest version of what cryptography buys you, and what it doesn't.
7 min read · security · threat model - 2026-05-25
DMCA evidence — what creators actually need to attach
A DMCA notice is only as strong as the evidentiary attachment. Here's what to include, what to skip, and why the receipt URL gets notices honored faster.
7 min read · creators · DMCA · legal - 2026-05-24
A robust invisible watermark in 500 lines of browser JavaScript
How we ported the ShieldMnt DWT+DCT+SVD watermark to pure browser JS, why our first synthetic test passed while the real Instagram pipeline failed, and how a CRC-validated scale-factor search closes the gap. Includes the empirical numbers across JPEG + resize + crop attacks.
14 min read · watermarking · DWT · DCT · browser cryptography
The verifier client is open source on GitHub. Reading the code is the fastest way to confirm that the cryptography matches the marketing.