TrustMark
Warm amber audio waveform visualization representing a distinctive voice signature

“The voice is the identity — independent of the image.”

How It Works

Your identity took a lifetime to build.
TrustMark makes sure no AI pipeline can use it without your say.

The Simple Version

For talent, agents, and anyone who wants the one-paragraph answer

You register once. Your face, voice, and motion become a mathematical fingerprint — stored in your vault, controlled by you. Studios must request a license token before they can use any part of your identity. Every use is logged. You can revoke access at any time. Your agent can manage day-to-day approvals, but only you can pull the emergency stop. TrustMark is free for talent. Studios pay for authorization.

End-to-End Flow

How it actually works

Six steps. From identity capture to a complete audit trail.

1.Identity is captured

A DIAP-Certified tool (studio scanner, mobile app, or self-service kit) captures face, voice, or motion data. The raw capture stays with the source.

2.Embeddings are extracted

The capture tool converts raw data into one-way mathematical embeddings — fingerprints that can verify identity but can never reconstruct the original.

3.Anchored in the vault

Embeddings are submitted to the talent's Identity Vault. Raw captures are discarded. The vault holds math, not biometrics.

4.Consent rules are set

The talent (or their agent) sets two-layer consent: Layer 1 controls who can see they exist. Layer 2 controls per-project usage rights — scoped by project, territory, and duration.

5.Studios request a license token

When a studio needs to use a talent's identity in an AI pipeline, they request a License Token via the DIAP API. TrustMark checks consent and grants or denies — scoped, time-limited, auditable.

6.Render receipts close the loop

After rendering, the studio submits a Render Receipt — cryptographic proof of what was produced, under what authorization. The audit trail is complete. The talent can see every use.

CaptureEmbedVaultConsentLicenseReceipt

For Developers & Studios

Technical detail

Everything below is expanded in the full specification. These are the highlights.

Agents can manage day-to-day approvals, but critical actions are talent-only:

ActionTalentAgentStudio
Approve license request
Set Layer 1 visibility
Emergency revocation
Delete vault data
Add/remove agent
Submit render receipt
Request license

Full Technical Specification

Token spec, fingerprinting, AI agent compliance, delegation tables, data architecture, and more.

Read the full spec
TrustMarkIP

How It Works · Powered by DIAP Protocol v1.3