AI Provenance Protocol

Verify your human effort and stand out as a genuine creator in an AI-driven world. This VS Code extension tracks your coding session telemetry to cryptographically prove that your work is the result of human "thinking time" and active refactoring.

🚀 Getting Started

Follow these steps to start generating provenance reports for your contributions.

1. Register on the SaaS Dashboard

Visit the AI Provenance Dashboard and sign in with your GitHub account.

2. Get your Sync Key

Once logged in, look for your Sync Key at the top of the dashboard. This key links your local extension telemetry to your account.

[!IMPORTANT] Keep your Sync Key private. It acts as your authentication for syncing reports.

3. Configure the Extension

1. Open Visual Studio Code.
2. Open the Command Palette (Ctrl+Shift+P or Cmd+Shift+P).
3. Type and select: AI Provenance: Set API Key.
4. Paste your Sync Key and press Enter.

4. How it Works

• Auto-Sync: By default, the extension syncs your telemetry metadata every time you save a file.
• Manual Sync: You can manually trigger a sync anytime using the AI Provenance: Sync command.
• Validation: Your contributions are analyzed for "Effort Score" (keystrokes, refactors, and active focus time).

🛡️ Privacy & Trust

We believe in full transparency. This extension is designed to protect your intellectual property while proving your effort.

What we COLLECT

We only collect high-level telemetry required to verify your contribution:

• Activity Metrics: Aggregated patterns of editor focus and coding sessions.
• Verification Signals: Anonymous metadata used to cryptographically validate human effort.
• Git Metadata: Repository and branch information to link reports to your Pull Requests.

What stays PRIVATE (Never Sent)

• ❌ Your Source Code: We never send your actual code content to our servers.
• ❌ Personal Data: We do not track your name, location, or other files on your machine.
• ❌ Individual Keystrokes: We collect counts, not the actual characters you type.

Security & Integrity

• Local Signing: Every report is cryptographically signed locally using an Ed25519 key before transmission. This ensures that telemetry cannot be tampered with after it leaves your machine.
• Secure Storage: Your Sync Key is stored securely in your OS Keychain using VS Code's SecretStorage API.

🛠️ CI/CD Integration

The real power of AI Provenance comes when integrated into your GitHub workflow.

1. Register your Repo on the dashboard.
2. Add Secret: Add AI_PROVENANCE_TOKEN to your GitHub repository secrets.
3. Add Workflow: Create .github/workflows/verify-provenance.yml to automatically verify PRs.

name: Verify AI Provenance

on:
  pull_request:
    branches: [ main ]

jobs:
  verify:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Verify Provenance
        uses: AI-Provenance/verify-provenance-action@v1
        with:
          token: ${{ secrets.AI_PROVENANCE_TOKEN }}

License

Copyright © 2026 AI Provenance Protocol. All rights reserved. Use of this extension is subject to the terms of service at aiprove.org.