Original Pictures
Replicate prediction-completion signing

C2PA Replicate Integration: Model Output Provenance

Definition: The Original Pictures Replicate integration signs model output when a prediction completes, using Replicate's webhook, so platforms serving many models add marking at the output boundary.

TL;DR: Replicate runs API infrastructure for tens of thousands of models and carries real Article 50 exposure for EU-facing output. A webhook on prediction completion that POSTs the result to the signing API marks every output regardless of which model produced it.

Webhook on completion

Replicate can call a webhook when a prediction finishes. That handler fetches the output, calls the signing API with an ai_generated assertion, a watermark, and an anchor, and stores the manifest, so marking is uniform across every model you serve.

Model-agnostic marking

Because the signing happens at the output boundary, it does not matter which of the many Replicate models produced the asset. One handler marks them all, which is the clean way to cover a multi-model platform for Article 50.

Exposure and coverage

A platform serving EU users from many models inherits marking obligations across all of them. Output-boundary signing guarantees coverage without instrumenting each model individually.

Implementation

# Webhook handler for Replicate prediction.completed
def on_prediction_completed(payload):
    from originalpictures import client
    op = client(api_key=os.environ['OP_KEY'])
    for url in payload['output']:
        op.sign(asset_url=url, producer='my-replicate-platform',
                assertions={'c2pa.created': {'actions': [{'action': 'c2pa.ai_generated', 'softwareAgent': payload['model']}]}},
                disclosure='art50.2', watermark='trustmark', anchor=True)

FAQ

Does this cover every model on my platform?

Yes. Signing at the prediction-completion boundary marks output from any model, so coverage does not depend on per-model instrumentation.

Where Original Pictures stands today

Original Pictures ships three things today: a Sign API, a Verify API, and the SDKs that wrap them. One POST /v1/sign attaches a C2PA-format manifest, an invisible TrustMark watermark, and an OpenTimestamps anchor. The open-source verifier checks any of it without calling us.

Two things are on the near roadmap, and we name them as roadmap, not as shipped: C2PA Conformance Program recognition (target Q3 2026, until then our manifests use the published C2PA v2.2 format and any C2PA-aware validator can read them, but third-party validators will show our signer as not-yet-listed), and a consumer capture app (Q3 2026). We do not sell a capture SDK, and we do not claim Trust-List membership we do not yet hold.

Bottom line: Sign on Replicate's prediction-completion webhook to mark output from every model at the boundary, covering a multi-model platform for Article 50 in one handler.

Related


Original Pictures is progressing through the C2PA Conformance Program; our signing certificate is not yet on the official C2PA Trust List. Target: Q3 2026. We will not describe ourselves as "C2PA-certified" until it is true.

Original Pictures provides content-provenance infrastructure. It does not by itself constitute legal compliance with the EU AI Act or any other regime; compliance depends on how you deploy it, your disclosures, and your governance. Figures are drawn from public reporting, verify against primary sources before citing in regulated materials. Nothing here is legal advice.

Last verified 2026-05-25. Author: Mahdi Kazempour, Founder, Original Pictures.