AIPM 1.1 Specification

Overview

The AI Provenance Mark (AIPM — pronounced "ape 'em" — rhymes with shape pum, phonetically ap-um) is an open, vendor-neutral specification for disclosing AI involvement in content creation. It is intentionally minimal, web-native, and extensible.

AIPM 1.1 adds compression, Show mode, Unicode support, datetime precision, language declaration, previous-version linking, human-only disclosure, Content URL, Full Context Document URL, and switches to hash-fragment URLs for improved privacy and caching. It is fully backwards compatible with AIPM 1.0 — existing QR codes continue to work unchanged.

Three AIPM Artifacts

AIPM combines three elements:

1. A stable visual mark centered within a QR code.
2. A QR code encoding an HTTPS URL with provenance metadata in the hash fragment.
3. A human-readable provenance page that renders the metadata client-side — no server lookup required.

Every AIPM provenance record starts as a URL. From that URL, two visual artifacts can be derived. Each has a distinct purpose and target context.

The generator produces all three from a single form. The Marks & Badges page documents QR mark specifications and provides all badge SVG downloads.

Design Goals

• Mobile-safe QR scanning on all modern devices
• Human-readable first, machine-readable friendly
• No vendor lock-in or proprietary app requirements
• Minimal cognitive and technical overhead for creators
• Suitable for institutional, academic, journalistic, and public contexts
• Durable — QR codes that work today must work in ten years
• Privacy-preserving — metadata never transmitted to any server
• Zero infrastructure — static hosting only, no backend required
• Make it effortless to declare how much AI was involved — from full AI generation to full human authorship, with every meaningful step in between expressible in a single field
• Make it easy to share the context or prompt with others — so the work can be continued, verified, or built upon. Provenance pages include direct links to open the context in any major AI tool, enabling one-click continuation of the conversation that created the content

Parameters

Role Values

The role field describes the human's involvement in the content creation process. Values are ordered from most human involvement to least. The date field records when this role was last applicable — updating role from prompted+reviewed to prompted+edited should be accompanied by an updated date and a new prev link to the prior record.

Show Mode

Show mode is an optional feature that embeds an abbreviated human role directly in the QR code's center mark, making the level of AI and human involvement visible at a glance without scanning.

When Show mode is active, the center mark displays three lines:

AIPM       ← line 1: mark identifier (unchanged)
1.1 S      ← line 2: version + "S" (Show mode indicator)
P+R        ← line 3: abbreviated human role

Show mode is indicated by show=1 in the URL. The display page shows a "S · P+R" badge next to the AIPM version badge when Show mode is active. See the Marks & Badges for SVG downloads of all Show mode variants.

Using AI to Generate AIPM Marks

You can instruct an AI model to automatically generate an AIPM provenance URL whenever it produces final output. Copy the prompt snippet below into your AI tool's system prompt or project instructions.

When you produce a final deliverable (document, post, report, code, or other substantive output), append an AIPM 1.1 provenance URL at the end.

Use this format:
https://ai-pm.pages.dev/1.1/aipm/#v=1.1&model=[MODEL]&role=prompted&date=[DATETIME]&show=1&ctx=[BRIEF_DESCRIPTION]

Replace [MODEL] with your model name, [DATETIME] with the current date and time in ISO 8601 format (e.g. 2026-05-03T14:30-04:00 with UTC offset, or just 2026-05-03 for date only), and [BRIEF_DESCRIPTION] with a short URL-encoded description of the content (e.g. Blog+post+about+climate+policy).

The human role should be prompted by default. If the human has indicated another role, use that instead. Use %2B to encode the + character in the URL.

Optional fields you may also include: &lang=[BCP47_LANGUAGE] (e.g. en, fr), &author=[NAME], &org=[ORGANIZATION], &src=[CONTENT_URL], &doc=[FULL_CONTEXT_URL].

Custom AI Tools

The AIPM display page includes "Try it" links for Claude, ChatGPT, Gemini, Grok, and Perplexity. Each link opens in a new tab with the context, Content URL, and Full Context Document URL pre-filled as the initial message. Users can add up to 5 of their own preferred tools via the Custom Tools page — stored locally, no account required.

Four URL placeholders are supported:

See the Custom Tools page for full documentation including the "Add to AIPM" one-click link format for AI tool developers. Only https:// URLs are accepted — http://, javascript:, data:, and all other URI schemes are rejected by the validator.

URL Schema

AIPM 1.1 encodes all metadata in the URL hash fragment (#). Hash fragments are processed entirely by the browser; they are never sent to any server. This improves privacy and allows the display page to be cached aggressively regardless of how many unique QR codes exist.

Plain (uncompressed) format

https://ai-pm.pages.dev/1.1/aipm/#v=1.1&model=Claude+Sonnet+4.6&role=prompted%2Breviewed&date=2026-05-03T14%3A30-07%3A00&ctx=Blog+post+draft&show=1

Compressed format

When context exceeds ~200 characters, the generator automatically switches to the compressed z param. All metadata is packed into a single JSON object, compressed with deflate-raw, and encoded as base64url.

https://ai-pm.pages.dev/1.1/aipm/#z=<base64url-encoded-compressed-payload>

Resolution Model

Unicode Support

AIPM 1.1 explicitly supports UTF-8 in all fields — model names, context, URLs, and document content. All text is encoded via TextEncoder before compression, ensuring correct handling of non-Latin scripts including CJK, Arabic, Devanagari, and emoji.

Non-ASCII characters in uncompressed URLs are percent-encoded, which significantly reduces effective character capacity. Non-Latin users should prefer the compressed path.

Compression

The generator automatically switches from individual params to the compressed z param when the total URL length approaches the QR byte limit or when context exceeds ~200 characters. The z value is produced by:

1. Serializing all metadata as a JSON object
2. Encoding the JSON string to UTF-8 bytes using TextEncoder
3. Compressing with CompressionStream('deflate-raw') (browser-native, no library)
4. Encoding the compressed bytes as base64url (URL-safe base64: +→-, /→_, no padding)

The display page reverses this using DecompressionStream('deflate-raw') and TextDecoder. The display page checks for z first, then falls back to individual params — ensuring full backwards compatibility with AIPM 1.0 QR codes.

A manual "Use compression" toggle allows creators to override automatic switching in either direction.

QR Code Capacity

The hard limit is 1,273 bytes for QR Version 40 at Level H error correction (required for logo overlay). All other URL limits — browser, CDN, server — are far above this.

Compressed capacity depends on content compressibility. English prose typically compresses at 2.5–3×. CJK text is 3 UTF-8 bytes per character and compresses at 1.5–2×. For content exceeding QR capacity, use the doc param to link to a hosted full-context document.

JSON Representation (z param)

This section is relevant only when using compression. In uncompressed AIPM 1.1 URLs, all fields are individual URL parameters. When the z param is used, all metadata is serialized as a single JSON object, then compressed with deflate-raw and base64url-encoded. Fields shown in order: required, recommended, optional.

{
  "v": "1.1",              // Required
  "role": "prompted+reviewed", // Required
  "model": "Claude Sonnet 4.6", // Recommended
  "date": "2026-05-03T22:00-04:00", // Recommended
  "show": 1,               // Recommended — integer 1 or omitted, never false
  "ctx": "Internal memo draft", // Optional
  "author": "Jane Smith",  // Optional
  "org": "Acme Corp Research", // Optional
  "lang": "en",            // Optional
  "src": "https://example.com/the-article", // Optional
  "doc": "https://gist.github.com/user/abc123", // Optional
  "prev": "https://ai-pm.pages.dev/1.1/aipm/#..." // Optional
}

Omit fields that are not applicable rather than including empty strings or null values. show is an integer (1 or absent), never a boolean. qr is never included in the JSON payload — it is always appended as a visible plain param outside the z value (e.g. #z=...&qr=0) so automated systems can detect it without decompressing.

QR Overflow (qr=0)

When a provenance record is too long to encode as a QR code even after compression, the generator appends qr=0 as a visible plain parameter in the hash and hides the QR output. The URL remains a fully valid AIPM 1.1 provenance record — share it as a link.

Critically, qr=0 always appears as a visible param, never inside the compressed z payload. This means automated systems can detect it without decompressing:

https://ai-pm.pages.dev/1.1/aipm/#z=<compressed-payload>&qr=0

A system generating AIPM URLs programmatically can check for qr=0 in the hash to determine whether to render a QR code or fall back to a text link — no decompression needed.

The display page detects qr=0 as a plain hash param (even when z is also present) and shows a "URL-only record" notice. To avoid triggering overflow, use the doc param to link to a full context document externally, keeping ctx brief.

Versioning

The AIPM mark's visual identity is stable across versions — the same rounded square, bold type, and AIPM identifier. The version number on line 2 of the mark reflects the spec version used to generate it. AIPM 1.1 introduces an optional Show mode third line; this is additive and does not affect how 1.0 marks appear or scan. Future versions may add further optional elements without changing the core mark identity.

The path structure (/1.0/, /1.1/) ensures existing QR codes never break — each version's URLs are frozen permanently.

Self-Hosting

AIPM is designed for static global hosting with no backend. The reference implementation at ai-pm.pages.dev runs on Cloudflare Pages. All provenance data lives in the URL — there is no database, no server-side processing, and no user tracking.

Known limitation: The display URL is baked into each QR code. If you self-host AIPM and later change your domain or decommission the server, existing QR codes will break. There is no federation or fallback mechanism. Choose a self-hosting domain for longevity, or use the canonical ai-pm.pages.dev reference implementation.

For doc and src URL params, choose hosting for longevity:

1. Your own Cloudflare Pages or GitHub Pages — most durable
2. GitHub Gist — free, extremely durable, secret gists are unlisted
3. rentry.co — no account, custom slugs, markdown

Avoid anonymous URL shorteners — they cannot be edited and carry link rot risk.

Security Considerations

AIPM is a declaration-based standard. Any creator can generate an AIPM mark with any field values — there is no cryptographic verification of claims. Trust is based on context, source credibility, and the creator's reputation, not technical enforcement. This is an intentional design choice: the goal is frictionless, honest disclosure by creators who want to be transparent, not a system that prevents dishonest disclosure.

For implementors rendering AIPM records

• Validate all URLs before rendering as links. The src, doc, and prev fields come from the URL hash — treat them as untrusted. Accept only https:// and http:// schemes; reject javascript:, data:, and all others.
• Escape all string values before DOM insertion. Every field from the hash must be HTML-escaped before being written to the page, regardless of expected content.
• Custom tool URLs require validation. Tool URLs must be HTTPS, must contain at least one supported placeholder, and the domain should be confirmed by the user before saving.
• Hash fragment privacy. AIPM 1.1 metadata lives in the URL hash fragment and is never sent to any server. However, JavaScript running on the display page can read it — avoid loading third-party analytics or scripts that might exfiltrate hash content.
• Local storage security. Custom tools stored in localStorage are scoped to the display page's origin. Sanitize all stored values on read and write.

For creators generating AIPM marks

• All QR generation and URL construction happens locally in your browser — no data is sent to any server during generation.
• All fields in an AIPM record are publicly visible to anyone who scans or opens the AIPM URL — including ctx, doc, prev, author, org, and all other fields. Do not include sensitive or private information in any field.

Accessibility

AIPM provenance pages are standard HTML with semantic structure. The provenance card uses label/value pairs rendered as plain text elements, which screen readers handle naturally — every field is readable in document order without special ARIA markup.

All interactive elements on the display page — "Try it" links, "Copy context" button, "Update this mark" link, and custom tool links — are standard HTML anchors and buttons, fully keyboard accessible. Focus indicators meet WCAG 2.1 AA contrast requirements.

Compressed URLs (z param) are fully transparent to assistive technology. The page renders identically whether data arrived compressed or plain — all data is decoded to the same plain text elements before presentation.

The QR mark is a visual medium. AIPM addresses this: the generator always displays the full provenance URL as copyable text, and the provenance page is reachable directly via URL — no QR scan required. When embedding the QR mark in a document, use meaningful alt text:

alt="AI Provenance Mark QR code — scan or visit [URL] for details"

The AIPM spec recommends including the provenance URL as visible text near the mark wherever the medium allows. All pages include a skip-to-content link for keyboard users and meet WCAG 2.1 AA contrast ratios. The target is WCAG 2.1 AAA for all text; secondary text uses #525252 on #f9f9f7 (contrast ratio 7.4:1, passing AAA).

Comparison: AIPM vs C2PA