About Captilo

Privacy-first blockchain certificate verification platform

What is Captilo?

Captilo is a privacy-first mobile evidence camera and verification platform that transforms any smartphone into a certified photo capture device. Every photo is cryptographically fingerprinted, anchored to the Sonic blockchain (EVM, sub-second finality), and stamped with an EU-qualified eIDAS timestamp — all before the user sees a success screen.

This website verifies Captilo PDF certificates by recalculating the cryptographic fingerprints and querying them against the blockchain — without storing any user data. Legacy proofs anchored to the Constellation Network are also fully verifiable.

Captilo is built with security and privacy at its core: all verification happens server-side, preventing any possibility of tampering while maintaining complete user anonymity.

How Verification Works

Captilo uses V2 split hashing on the Sonic blockchain — two independent hashes stored under the same proof ID, so photo integrity and metadata integrity can be verified separately.

1. Upload PDF Certificate

Upload a Captilo PDF certificate to our secure server. The file is held temporarily for processing only and deleted immediately after.

2. pictureHash — Photo Integrity

The server extracts the embedded photo from the PDF and recalculates its SHA-256 hash from raw pixel data. This pictureHash prevents image-swapping attacks — any single pixel change produces a completely different hash.

3. metadataHash — Context Integrity

Independently, the server reconstructs the metadata fingerprint: a SHA-256 hash of the RFC 8785 canonicalized JSON covering 14 fields — username, GPS location, device info, capture timestamp, biometric commitment, fraud detection result, nonce, and more. This metadataHash proves the capture context was not altered.

4. Sonic Blockchain Query

Both hashes are queried against the CaptiloProofRegistryV2 smart contract on the Sonic network (EVM, sub-second finality). If both match the on-chain record under the same Event ID, the certificate is verified as authentic. The transaction hash, block number, and eIDAS timestamp are returned as proof.

5. Immediate Deletion

After verification, the PDF is immediately and permanently deleted from our server. Nothing is stored — ensuring complete privacy.
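The split-hash comparison in steps 2 to 4, as an added example (not Captilo's code): it shows that a swapped image and altered metadata each fail their own check. The metadata field names, the proof ID and the in-memory `REGISTRY` dict standing in for the on-chain record are assumptions, and the canonicalizer covers only the subset of RFC 8785 noted in its docstring.

```python
import hashlib
import json


def canonical_json(obj) -> bytes:
    """RFC 8785-style bytes: sorted keys, no whitespace, UTF-8.

    Matches RFC 8785 only for strings, booleans, null and integers with
    BMP-only keys; floats need the RFC's ECMAScript number formatting.
    """
    return json.dumps(obj, sort_keys=True, separators=(",", ":"),
                      ensure_ascii=False).encode("utf-8")


def split_hashes(pixels: bytes, metadata: dict) -> dict:
    """Compute the two independent SHA-256 fingerprints of one capture."""
    return {
        "pictureHash": hashlib.sha256(pixels).hexdigest(),
        "metadataHash": hashlib.sha256(canonical_json(metadata)).hexdigest(),
    }


def verify(proof_id: str, pixels: bytes, metadata: dict, registry: dict) -> dict:
    """Recompute both hashes and compare them with the record under proof_id."""
    record = registry.get(proof_id)
    if record is None:  # unknown proof ID: nothing to compare against
        return {"found": False, "picture_ok": False, "metadata_ok": False, "verified": False}
    fresh = split_hashes(pixels, metadata)
    picture_ok = fresh["pictureHash"] == record["pictureHash"]
    metadata_ok = fresh["metadataHash"] == record["metadataHash"]
    return {"found": True, "picture_ok": picture_ok, "metadata_ok": metadata_ok,
            "verified": picture_ok and metadata_ok}


# Constructed sample: a 2x2 RGB pixel buffer and a few hypothetical metadata fields.
PIXELS = bytes([255, 0, 0, 0, 255, 0, 0, 0, 255, 16, 16, 16])
METADATA = {"username": "alice", "gps": {"lat": "52.5200", "lon": "13.4050"},
            "captureTimestamp": "2025-01-01T12:00:00Z", "nonce": "c0ffee"}
# In-memory stand-in for the on-chain record, keyed by a made-up proof ID.
REGISTRY = {"proof-0001": split_hashes(PIXELS, METADATA)}

if __name__ == "__main__":
    swapped = bytes([254]) + PIXELS[1:]                # one channel value changed
    moved = {**METADATA, "gps": {"lat": "48.8566", "lon": "2.3522"}}
    print(verify("proof-0001", PIXELS, METADATA, REGISTRY))
    print(verify("proof-0001", swapped, METADATA, REGISTRY))   # picture_ok False
    print(verify("proof-0001", PIXELS, moved, REGISTRY))       # metadata_ok False
```

Because the metadata is canonicalized before hashing, reordering its keys leaves `metadataHash` unchanged, while any change to a value does not.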

Why Blockchain Verification?

Immutable Proof

Once a certificate is submitted to the blockchain, it cannot be altered or deleted. This creates an immutable record of authenticity.

Tamper-Proof

Blockchain technology ensures that any attempt to modify a certificate would change its fingerprint, making tampering immediately detectable.

Decentralized Trust

Verification doesn't rely on a central authority. The blockchain network itself provides cryptographic proof of authenticity.

The Captilo Mobile App

The Captilo mobile app captures forensic-grade photos with tamper-proof metadata. When a photo is captured:

  • Biometric authentication is required before the camera opens — no bypass possible
  • The photo is hashed (SHA-256) and a separate metadata fingerprint is calculated from 14 fields
  • Both hashes are signed with a secp256k1 key derived from the user's 12-word seed phrase
  • The signed proof is submitted to the Sonic blockchain and an EU-qualified eIDAS timestamp is attached
  • Multi-layer fraud detection runs to flag screen photographs, AI-generated images, and reprints
  • A PDF certificate is generated containing the full proof record

This website verifies Captilo certificates by recalculating both hashes independently and querying them against the Sonic blockchain.

Content Credentials (C2PA) — Coming Soon


Captilo is introducing Social Exports with C2PA — the open standard backed by Adobe, Microsoft, Google, and others for embedding verifiable content provenance directly into image files.

  • What it means: When you share a Captilo-verified photo, it carries an embedded C2PA manifest — a cryptographically signed record of who captured it, when, where, and on what device. Platforms like LinkedIn and Adobe tools display a verified "Content Credentials" badge automatically.
  • Double-layered trust: The Sonic blockchain provides immutable on-chain proof. The C2PA manifest provides platform-native verification trusted by major content ecosystems — two independent, complementary trust layers.
  • Privacy by design: Social exports are resized to 1080px for sharing. The original full-resolution proof stays on-device and on-chain. No biometric data is ever embedded in the shared image.

Security Features

Server-Side Processing

All extraction and hash calculation happens on our server, preventing client-side manipulation.

Image Hash Recalculation

We extract and rehash images from pixel data to prevent image-swapping attacks.

No Data Storage

PDFs are deleted immediately after verification. We never store your certificates.

Anonymous Verification

No user accounts required. Verify certificates completely anonymously.