The first complete protocol to certify every AI output — human or agent-generated — and make it fully compliant with EU AI Act Article 50.
From August 2026, EU AI Act Art. 50 mandates machine-readable marking for all AI outputs. As autonomous agents publish content at scale, the infrastructure must go beyond what existing tools — including C2PA — were built for. AIACT50 is the complete answer: four certified layers, one API call.
Every AI-generated output must carry machine-readable marking. No exceptions for agencies, platforms, or autonomous agents. Fines up to €15M or 3% of global turnover.
Google SynthID and Adobe CAI each address a single layer. The EU AI Office's Code of Practice explicitly requires a multi-layer approach. Single-layer deployments leave organizations exposed.
AI agents generating content autonomously — with no human in the loop — require a certification infrastructure that works without API keys, pre-registration, or human approval. Traditional tools weren't designed for this.
Every company that has already adopted C2PA could use our solution to be AI compliant. We don't replace the standard — we complete it for the agentic economy.
Every layer maps to a specific requirement in the EU AI Office Code of Practice. The first three exist. Only Vottun connects all four.
Integrate in 20 minutes. Certify every AI output. Hand clients a verification link they can forward to auditors — or regulators.
Content hash + metadata → immutable Base L2 record + C2PA 2.1 Credential. Returns certificate ID, public verify URL, and transaction hash.
Public endpoint. No API key. No account. Anyone — regulators, auditors, clients — can verify any certificate independently. No trust in Vottun required.
Enterprise dashboard. All certifications, compliance reports, content type breakdown. Exportable PDF/CSV. GRC webhook integration.
import vottun_ai_compliance client = vottun_ai_compliance.Client("vt_live_...") # 4-layer certification: watermark + C2PA + blockchain + detection cert = client.certify( content=ai_output, content_type="text/html", ai_system="claude-sonnet-4-5", classification="fully_ai_generated", # EU AI Act Art. 50 metadata={"client": "Regulated Corp", "deployer": "agency-name"} ) print(cert.verify_url) # → https://verify.vottun.com/c/0x7f3a... print(cert.tx_hash) # → Base L2 transaction hash print(cert.c2pa_manifest) # → C2PA 2.1 Content Credential JSON
AIACT50 is built from the ground up for the autonomous AI economy. Using the x402 protocol (Cloudflare + Coinbase), any agent — on any model, any infrastructure — calls the certification endpoint directly, pays from its own Base L2 wallet via machine-to-machine HTTP payment, and receives an immutable EU AI Act Art. 50 compliance record in under 4 seconds. The wallet is the identity. No prior registration, no human in the loop, no API key required at any step.
Via Claude, GPT, DeepSeek, or any model. Content hash computed locally before any network call. No data leaves the agent until it decides to certify.
The endpoint is open. The agent calls it directly and receives HTTP 402 with USDC payment instructions — zero prior registration required.
The agent sends USDC from its Base L2 wallet. Confirms on-chain in ~2 seconds. The wallet address is the agent's cryptographic identity — no X.509 certificate needed.
All 4 layers applied. Certificate anchored on-chain. Verifiable by any human or machine via GET /verify. No intermediary, no trust in Vottun required.
# No API key. No registration. No human approval. # The agent calls the open endpoint directly. response = requests.post( "https://api.vottun.com/v1/certify", headers={ "X-402-Payment": usdc_proof, # USDC from agent wallet "X-Agent-Wallet": "0x..." # Wallet = identity }, json={ "content_hash": sha256, "ai_system": "agent-v2", "classification": "fully_ai_generated" } ) # cert.verify_url → immutable Art. 50 compliance record # cert.tx_hash → Base L2 on-chain anchor # Total time: <4 seconds. Zero humans involved.
The SDK, MCP server, and C2PA extension spec are fully open source under MIT licence — so any developer, organization, or regulator anywhere in the world can inspect, implement, and build on it without restriction. A compliance standard only becomes a real standard when anyone can adopt it, audit it, and trust it independently. That's why we open-sourced everything.
The open-source approach plus blockchain-anchored proof is exactly what our regulated clients need. This is the infrastructure layer we've been waiting for — not another compliance tool. — Compliance Partner, Big 4 Consulting Firm
Free on testnet. 20-minute integration. The EU AI Act Art. 50 enforcement window is August 2026 — and the standard that gets adopted first is the one that becomes the standard.
Already have an account? Login