TrustMark
REST APIDIAP API v1

Build on TrustMark

Integrate machine-readable authorization into your AI pipeline. Check visibility, request licenses, submit render receipts, embed cryptographic watermarks, and verify provenance — all through a single REST API.

Powered by DIAP (Digital Identity Authorization Protocol)

Get API Key

Developer portal

Verify Image

Check provenance

View Protocol

Full specification

Request Access

Studio onboarding

What can you build on TrustMark?

TrustMark is open infrastructure, powered by DIAP. What you build depends on your role in the pipeline. Here are four starting points:

Talent App

Standard

Mobile or web app for talent to manage their vault — view modules, toggle visibility, approve or deny license requests, review audit logs.

Scopes: read:profile, manage:authorization

Studio Integration

Studio

Embed DIAP consent checks into your existing production pipeline (ShotGrid, ftrack, custom). Automate license requests, receipt logging, and watermark embedding.

Scopes: license:request, receipt:submit, watermark:embed

Union / Agency Portal

Enterprise

Branded portal for your roster. Bulk-register talent, export audit reports, manage delegation chains, monitor compliance across your membership.

Scopes: bulk registration, audit export, delegation management

Capture Tool

Capture (highest — requires security audit)

DIAP-Certified scanner or recording device. Submits embeddings directly to the vault. Must meet embedding format compliance (specifications available to approved developers).

Scopes: anchor:submit, embedding format compliance

Face & Identity Processing Pipeline

How biometric identity data enters the DIAP system. This is the capture step — before any licensing or rendering can occur.

Step 1

Capture

DIAP-Certified tool (e.g. LightStage) captures biometric data — face geometry, voice print, expression map, or motion skeleton

Step 2

Embed

Tool generates an embedding vector in the required format for the module type and computes a quality score

Step 3

Submit

POST /api/v1/identity/anchor/submit — embedding is stored in the talent's Identity Vault, linked to their DIAP ID

Step 4

Approve

Talent reviews the anchor in their vault and approves or rejects. Only approved anchors are used for verification.

Embedding Format Requirements

Module Type     | Dimensions | Model / Source
─────────────────┼────────────┼────────────────
FACE_3D          | 512-dim    | FaceNet / ArcFace compatible
VOICE_PRINT      | 256-dim    | Speaker verification model
EXPRESSION_MAP   | 128-dim    | Blendshape coefficient vector
MOTION_SKELETON  | 256-dim    | Joint position + rotation vector

Embeddings must be L2-normalized (unit vectors). Quality score 0.0–1.0 is computed by the capture tool. Capture-tier certification requires passing a security audit and format compliance test before anchor submission is enabled.

Important: DIAP stores one-way mathematical embeddings — not raw biometric data. An embedding can verify "this is the same person" but cannot reconstruct a face, voice, or motion. The original biometric data never enters the DIAP system.

Integration Flow

Step 1

Get API Key

Sign up as a developer, generate a key from your dashboard

Step 2

Check Visibility

Verify the talent has authorized to platform discovery (Layer 1)

Step 3

Request License

Request usage rights — talent approves or denies (Layer 2)

Step 4

Log Render

Submit a receipt for every AI-generated output

Step 5

Watermark

Embed provenance into pixels (image) or ultrasonic frequencies (audio)

Full Workflow Example

index.js
import fetch from 'node-fetch';

const DIAP_API_KEY = process.env.DIAP_API_KEY;
const BASE = 'https://diap.me';
const headers = {
  'Authorization': `Bearer ${DIAP_API_KEY}`,
  'Content-Type': 'application/json',
};

// Step 1 — Check visibility (Layer 1 authorization)
const vis = await fetch(`${BASE}/api/v1/visibility/check`, {
  method: 'POST', headers,
  body: JSON.stringify({
    talent_diap_id: 'marcus_rivera_001',
    module_type: 'FACE_3D',
  }),
});
const { visible } = await vis.json();
console.log('Visible:', visible);  // true = talent authorized to discovery

// Step 2 — Request license (Layer 2 authorization)
const lic = await fetch(`${BASE}/api/v1/license/request`, {
  method: 'POST', headers,
  body: JSON.stringify({
    talent_diap_id: 'marcus_rivera_001',
    project: 'Glass City',
    rights: ['FACE_RENDER', 'VOICE_RENDER'],
    scope: 'Feature Film — Post-Production',
    duration_days: 365,
  }),
});
const { token_id } = await lic.json();
console.log('License:', token_id);  // LIC-2026-xxxxx (pending until talent approves)

// Step 3 — Submit render receipt (after license approved)
const receipt = await fetch(`${BASE}/api/v1/receipt/submit`, {
  method: 'POST', headers,
  body: JSON.stringify({
    token_id,
    description: 'Scene 12 — hero poster composite',
    output_type: 'poster',
    ai_modified: true,
    ai_mod_flags: ['age_progression'],
  }),
});
const { receipt_id } = await receipt.json();

// Step 4 — Embed watermark into the output
// See Watermark Guide tab for embed API details
// Approved developers: see /developers/docs for full implementation

Error Codes

CodeMeaning
400Bad Request
401Unauthorized
403Forbidden
404Not Found
409Conflict
429Rate Limited
500Server Error
Get Started

Request Developer Access

Tell us what you're building. We'll review your request and be in touch within 48 hours.