Add NIP-XX: ProofMode - Cryptographic Video Verification

[rabble]

Background

This NIP brings ProofMode verification to Nostr video events. ProofMode is an open-source project originally developed by the Guardian Project to enable cryptographic verification of photos and videos,
providing tamper-proof evidence that media was captured at a specific time and place by a specific device.

This specification adapts ProofMode for Nostr's decentralized architecture, allowing anyone to verify video authenticity without relying on centralized platforms.

Summary

• Introduces NIP-XX specification for attaching cryptographic proof manifests to Nostr video events (NIP-71)
• Enables verification of video authenticity through:
  • Frame-level hashes: SHA256 hashes of captured frames prove recording continuity and detect editing
  • Hardware attestation: iOS App Attest and Android Play Integrity verify the
    recording device
  • Cryptographic signatures: PGP signatures ensure manifest authenticity
  • Sensor data: Accelerometer, gyroscope, and touch interactions prove device continuity during pauses
• Defines verification levels (verified_mobile, verified_web, basic_proof, unverified)
• Includes complete ProofManifest data structure with segments, pause proofs, and device attestation
• Provides implementation guidance for both recording and verification phases

Request for Feedback: PGP vs Nostr-style Keys

The current specification uses PGP signatures for signing the ProofManifest, following the original ProofMode project's approach. However, we're seeking feedback on whether we should instead use Nostr-style Schnorr signatures
(secp256k1) for better integration with the Nostr ecosystem.

Arguments for PGP:

• Compatibility with original ProofMode implementations and tooling
• Well-established verification infrastructure
• Separate key from Nostr identity (privacy benefit)

Arguments for Nostr keys:

• Native integration with Nostr clients and key management
• Users already have Nostr keys - no additional key management needed
• Simpler implementation for Nostr developers
• Consistent with other Nostr signing patterns

Open questions:

• Should manifest signing use the same key as the event signature, or require a separate device-specific key?
• Could we support both approaches with a signature_type field?
• Are there security implications to using the Nostr key for ProofMode signing?

Please share your thoughts on this design decision.

Related Links

• ProofMode Original Project
• NIP-71: Video Events

[staab]

It seems like the benefit of interoperability is significant, so I would lean toward using PGP keys. We could do something similar to marmot's key package by allowing users to announce PGP keys for this use case.

[BitcoinErrorLog]

Do you have details on how this scales and what it demands from relays, clients, and storage?

The cost per proof must be huge once you account for hashes, attestations, verification.

I suspect this only makes sense for very narrow use cases, and even those would face the same unsolved problems of preserving privacy and decentralization in the face of realistic threats.

[BitcoinErrorLog]

It's either a nostr spec or not. Why even bring up pgp?

[BitcoinErrorLog]

This depends on Apple/Google tokens/api? Doesn't that add centralization/privacy issues? and token expiry problems?