01 Why Vault
AI generation has changed the question. It used to be can you make it look right. Now it is can you defend how you made it.
Studios with broadcaster deals, brand campaigns, sports rights, financial-promo work, or anything touching union talent are being asked — by legal, by compliance, by their insurer, by the platform itself — to evidence the lineage of every frame. "Trust us, we used the licensed model" is no longer a sufficient answer. The correct answer is a tamper-evident receipt.
Defensible production records on every shot. No more "what did we use to make scene 14?" three months after delivery.
Evidence packs that satisfy the legal team's question without slowing down the creative team's day.
Scripts and visual references stay encrypted. Nothing crosses the boundary into a less-secure surface unless you opt in, on purpose, every time.
02 The Promise
One sentence:
Three properties make that promise hold.
The provenance ledger is hash-chained. Modifying any historical entry invalidates every entry that came after it. The chain is verifiable at any time.
Records are written once. The only permitted mutation is targeted PII anonymisation for tenant offboarding.
If the ledger cannot accept a record, the action that would have produced it is refused. We do not release sensitive content first and write the receipt later.
Compliance recording is enforced at the point of write, not at the user interface. Policy and product cannot drift apart.
03 What's Inside Today
Live, in production, on the Vault tier:
Every AI generation event — image, video, audio, 3D — lands as a hash-chained entry. Captures the metadata and asset hashes needed for downstream audit. Full schema reviewed with each customer at onboarding.
Sensitive narrative content (script lines, shot descriptions, prompt seeds) is encrypted with per-tenant keys before it touches storage.
Two independent permissions are required to surface raw script lines outside the encrypted store: a per-project setting and a per-action confirmation. Either gate alone is not enough.
Every push, every export, every settings change records who, when, what, from where, and the resulting tamper-evident receipt id.
Vendors are categorised by IP & commercial posture. The system snapshots the partner tier and clean-base flag at the moment each step ran — the receipt is true even if the partner's terms change later.
Every receipt carries at least one project linkage. Dossiers can be exported per-project, per-shot, or per-job for delivery to legal, broadcast standards, or insurer.
Shipping next
Industry-standard Content Credentials embedded into delivered media. Independent verification by anyone with a C2PA-aware tool.
Per-asset evidence of IP entitlement — reference rights, talent likeness clearance, music sync. Linked to every record where the asset was used.
One-click export of the full receipt set for a project, in a format suitable for handoff to broadcast standards or legal review.
Nightly cross-check between live-system records and the ledger. Surfaces any gap within 24 hours, well before delivery.
When content is removed under a takedown or right-to-be-forgotten request, a tamper-evident certificate proves it happened — and that the rest of the chain is intact.
Custom models trained on a studio's reference assets, with isolation guarantees and per-asset entitlement tracking.
04 Chain of Custody
A receipt is only useful if you trust the chain it sits in. The Vault ledger is built on three properties that make tampering detectable, not just inconvenient.
Each receipt carries a fingerprint of its own contents and the fingerprint of the receipt before it. Modifying any historical entry breaks the chain from that entry forward, and the breakage is detectable by anyone who has the chain.
A chain-verification routine walks every receipt for a project, recomputes each fingerprint from its contents, and confirms the chain is intact. Available as a one-call check; surfaces the first divergent entry if the chain is ever broken.
Receipts can be pinned to a specific data region (e.g. EU). Region routing is enforced at the compliance layer; the chain maintains internal consistency within the selected region. Cross-region replication is roadmap, not default — for compliance regimes that require strict residency, receipts stay in the region they were written in.
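The fingerprint chaining and the verification walk described above, as an added Python sketch (not Vault's code). The receipt fields, the SHA-256 choice, the canonical-JSON encoding and the all-zero genesis value are assumptions made for illustration.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed sentinel used as the first entry's "prev" value


def fingerprint(body: dict, prev_hash: str) -> str:
    # Canonical JSON so identical contents always hash to identical bytes.
    canonical = json.dumps({"body": body, "prev": prev_hash},
                           sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


def append(chain: list, body: dict) -> dict:
    # Each receipt stores the previous receipt's fingerprint and its own.
    prev_hash = chain[-1]["hash"] if chain else GENESIS
    entry = {"body": body, "prev": prev_hash,
             "hash": fingerprint(body, prev_hash)}
    chain.append(entry)
    return entry


def verify(chain: list):
    """Return None if the chain is intact, else the index of the first divergent entry."""
    expected_prev = GENESIS
    for i, entry in enumerate(chain):
        if entry["prev"] != expected_prev:
            return i  # link to the predecessor is broken (edit, insert or delete)
        if fingerprint(entry["body"], entry["prev"]) != entry["hash"]:
            return i  # contents no longer match the stored fingerprint
        expected_prev = entry["hash"]
    return None


def build_sample() -> list:
    # Constructed sample receipts; field names are illustrative only.
    chain = []
    for shot, asset in [("sc14_sh01", b"frame-a"), ("sc14_sh02", b"frame-b"),
                        ("sc14_sh03", b"frame-c")]:
        append(chain, {"shot": shot, "modality": "image",
                       "asset_sha256": hashlib.sha256(asset).hexdigest()})
    return chain
```

A walk like this catches edits to individual entries. Detecting a wholesale rewrite of the tail also requires the verifier to hold a copy of the latest fingerprint obtained independently of the store being checked.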
05 Sensitive Content & Opt-In Surfaces
The most common compliance failure isn't a hostile actor. It's an operator pasting a confidential script into a less-secure surface "just to make the spreadsheet useful."
Vault's posture: a confidential script never reaches a less-secure surface unless you have explicitly opted in twice, and a tamper-evident receipt of the export is recorded before the content moves.
Each project has an explicit "Allow raw-script export" setting, default off. Toggling it is itself an audited event — who flipped it, when, on which project.
Even when the project setting is on, every individual export action requires the operator to explicitly tick a per-action checkbox carrying a confidentiality warning.
If both gates are passed, the system writes a provenance receipt before the content moves. If the receipt cannot be written, the export is refused.
Exported content is truncated at safe limits with explicit markers. Full content remains in encrypted storage; the export surface only ever sees what the operator authorised.
Every gate ships disabled. A new project, a new operator, a new push — nothing crosses the boundary by accident. The act of enabling each gate is itself recorded, so a future review can reconstruct exactly when and why a project moved from "encrypted-only" to "exportable."
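The double gate, receipt-before-export ordering and truncation described in this section, as an added Python sketch (not Vault's code). `Project`, `export_script`, `MemoryLedger`, the 200-character limit and the marker text are hypothetical names and values chosen for illustration.

```python
import hashlib
import time

MAX_CHARS = 200           # assumed "safe limit" for exported text
MARKER = " [TRUNCATED]"   # assumed explicit truncation marker


class ExportRefused(Exception):
    """Raised whenever content must not cross the boundary."""


class Project:
    def __init__(self, name, write_receipt):
        self.name = name
        self.allow_raw_export = False       # gate 1 ships disabled
        self.write_receipt = write_receipt  # callable: dict -> receipt id, may raise

    def set_allow_raw_export(self, operator, value):
        # Toggling the gate is an audited event, recorded before it takes effect.
        self.write_receipt({"event": "setting_change", "project": self.name,
                            "operator": operator, "allow_raw_export": value,
                            "at": time.time()})
        self.allow_raw_export = value


def export_script(project, operator, script, confirmed, sink):
    if not project.allow_raw_export:
        raise ExportRefused("project setting 'Allow raw-script export' is off")
    if not confirmed:
        raise ExportRefused("per-action confirmation not given")
    truncated = len(script) > MAX_CHARS
    payload = script[:MAX_CHARS] + MARKER if truncated else script
    try:
        # Receipt first: it records a hash of exactly what is about to leave.
        receipt_id = project.write_receipt({
            "event": "raw_script_export", "project": project.name,
            "operator": operator, "truncated": truncated, "at": time.time(),
            "payload_sha256": hashlib.sha256(payload.encode("utf-8")).hexdigest()})
    except Exception as exc:
        raise ExportRefused("receipt could not be written") from exc
    sink(payload)  # content moves only after the receipt exists
    return receipt_id


class MemoryLedger:
    """Constructed stand-in for the ledger; set .down = True to simulate an outage."""
    def __init__(self):
        self.records, self.down = [], False

    def __call__(self, record):
        if self.down:
            raise IOError("ledger unavailable")
        self.records.append(record)
        return len(self.records)
```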
06 Partner Tier Framework
AI vendors differ wildly in what they license, how they train, and what indemnification they offer. Vault categorises every supported partner so the studio can choose the level of protection appropriate to each piece of work, and so the receipt records exactly which posture was in effect at the moment each step ran.
The framework distinguishes three orthogonal concepts that the industry frequently confuses:
- Plan tier — what your studio subscribes to.
- Rights manifest tier — what the asset's IP entitlement record looks like (reference rights, talent clearance, music sync).
- Partner tier — what licensing & clean-training posture the AI vendor offers.
Each is independent. A studio on the top plan tier can still elect to use a less-strict partner for a particular shot, and the receipt for that shot will record both. The dossier exported at the end of a project shows exactly which partners + tiers were in effect for each frame — nothing is averaged, nothing is hidden.
Snapshotting at the moment of work
A partner's tier or terms can change after work is done. Vault snapshots the partner posture at the moment each step ran and stores that snapshot in the receipt. If the partner reclassifies a model six months later, your receipt still says "this shot was made under the policy in effect on this date." That's the defensible position for downstream audits.
07 Clean Base / Standard — You Choose, Per Project
Vault is built around the recognition that "best IP-safety posture" and "best output quality" are not always the same answer. Different projects answer differently. Vault gives you both, with the same tamper-evident receipt either way.
Every Vault project is configured in one of two modes. The mode is set at project creation, can be changed by the operator with audit-logged consequences, and is recorded on every receipt the project produces.
Strictest IP-safety posture available. Generation constrained to vendors with documented licensed-data training and indemnified output. The trade-off is narrower vendor selection and, today, output quality that trails the leading-quality models on complex motion and prompt adherence.
Use when: the work is for a regime that requires demonstrable clean-trained provenance — certain broadcaster acquisitions, talent-likeness-sensitive ad campaigns, EU AI Act Article 50 disclosure regimes where the producer must attest to training-data posture.
Best-in-class output quality. Premier and Verified Partner vendors with enterprise no-training-on-customer-data clauses and contractual IP indemnification. Not full clean-base — the trade-off is taking the partner's "we don't train on your data" assertion at contract level rather than at training-corpus level.
Use when: output quality is the binding constraint and the contractual no-training posture is sufficient for your legal team. Most broadcast-grade narrative work lands here.
Full provenance documentation. C2PA embedding (when shipped). EU AI Act Article 50 compliance. Tamper-evident receipts. Project-linked dossier export. Fail-closed compliance writes.
The choice between modes is the producer's, made in conversation with onboarding. Mode is recorded on every receipt — a future audit reconstructs not just what you generated, but the IP-safety posture you chose to generate it under, on every shot.
08 Where Vault Sits
Vault is not "the next tier up from Enterprise." It is a separate compliance-grade engagement that sits alongside the standard product line, with a different price, a different onboarding path, and a different set of operational guarantees.
The standard product line covers solo creators through full studios. Pricing is transparent, self-serve, and tier-based. A studio that doesn't have a legal team asking compliance questions belongs here — the Enterprise tier of the standard line gives you the full feature set.
Vault is the answer when you do have a legal team asking compliance questions. The price reflects the operational guarantees, not a markup on Enterprise.
| Plan | Price | Audience | Compliance posture |
|---|---|---|---|
| Creator | entry | Solo + small teams. Standard pipeline access. | Encryption at rest. Audit log. No tamper-evident ledger. |
| Influencer | mid | Independent producers + creator agencies. | As Creator, plus per-tenant feature overrides. |
| Studio | prod | Production companies, brand teams. | As Influencer, plus expanded audit retention + plan-gated features. |
| Enterprise | contact | Top of the standard line. Studios who need every feature without the compliance overhead. | As Studio, plus full feature set, expanded retention, priority support, per-tenant feature overrides. |
| Studio Vault | contact | Compliance-conscious studios, broadcasters, brands with NDA-onboarded engagement. EU-targeted. Project-based fees on top of subscription. | Separate engagement — full provenance ledger, double-gated sensitive-content controls, partner tier snapshots, project-linked dossier export, fail-closed compliance writes, region-bounded receipts, Clean Base / Standard mode selection per project. |
Vault carries operational costs Enterprise does not: NDA onboarding, partner-tier negotiations and re-vetting, fail-closed ledger SLA, hash-chain audit infrastructure, EU residency routing, partner posture snapshotting, dossier export, legal-team sync. The price reflects what the guarantees cost to keep, not a markup. A Vault commitment is a commitment we have to be able to honour for the contract length — pricing it like Enterprise would mean we couldn't.
A studio that wants some of Vault but not the full engagement should stay on Enterprise — that's the right answer. Vault's value is the end-to-end compliance promise; partial Vault is a different product, not a discount.
09 Engagement Model
Vault is sold under a structured engagement, not a self-serve checkout. Three reasons:
- NDAs go both ways. We see your slate, your scripts, your reference materials, your model preferences. We sign before we onboard.
- Tier configuration is bespoke. Partner approvals, region routing, retention windows, dossier formats — these are negotiated with your legal team rather than ticked in a UI.
- Compliance is collaborative. Your standards team and ours review the receipt format, the gate behaviours, and the exception paths together before you go live. We want you to be able to defend it, not just trust it.
Onboarding is typically a two-week loop: kickoff → configuration review → pilot project → sign-off. After sign-off, Vault behaviour is contractually fixed; changes go through a change-management process so your audit trail stays continuous.
10 EU + Data Residency
Vault is built region-aware from the writer up. Receipts are pinned to the region of the tenant that produced them. EU-resident tenants get EU-resident receipts — the chain stays in the region.
Region routing is enforced at the lowest level (the writer that creates the receipt), so the policy cannot be bypassed by an upstream caller routing through the wrong region. The same enforcement applies to encrypted content storage and to the audit log surface.
For tenants with dual-region operations (e.g. a UK group with both EU and US production), receipts can be region-tagged at write time so a single project can be reconstructed with full residency provenance.
11 Roadmap
Vault is a multi-phase program. Phase 1 is live; the rest is shared and reviewed with each onboarded customer during engagement.
Hash-chained provenance ledger. Encryption at rest. Plan gating. Single-region. Audit log. Sensitive-content double-gate. Pipeline integration covering image, video, audio, 3D, and 2D editing modes.
C2PA manifest signing on delivered media. IP warranty records. Provenance package export. Reconciler + drift alerts.
Per-vendor licensing tier registry with snapshotting. Clean-base partner certifications. Per-asset partner-attribution dossiers.
Tenant-isolated fine-tuning records. Deletion certificates. Right-to-be-forgotten reconciliation. Dual-region replication for federated studios.