With all the AI stuff that's happening now, checking the provenance of photos will be a reality sooner rather than later. C2PA is the standard for this. Leica and Sony already ship it in some cameras, but I couldn't find anything for mobile that didn't require a whole SDK. So I built it.
It's a React Native package. You take a photo with whatever camera lib you want, pass the path to signPhoto(), and it hashes the image, signs it with the device's Secure Enclave (iOS) or StrongBox/TEE (Android), and embeds a full C2PA manifest into the JPEG. The file that gets saved is already signed.
Where I think this actually matters: - insurance apps (prove damage photos are real) - marketplace listings (verified photos for cars/real estate) - field inspections, KYC selfies. Anywhere someone has an incentive to submit fake photos.
https://github.com/RoloBits/attestation-photo-mobile
Would love feedback, especially from anyone who's worked with C2PA or hardware attestation on mobile.