art, code, github, proofs, websites
Trust Systems
When I first wrote about charm.farm in 2023, the charm was a self-contained HTML document: a 256×256 bitmap, a 60-token caption, and a chain of JSON Web Tokens embedded in <meta> tags. Provenance lived inside the file. Transfer the file, transfer the record. Remove the tokens and you had destroyed the object’s history — it lost its charm.
That experiment was useful, but it was still entirely digital. The charms were portable, but they were also infinitely copyable in the ordinary sense: duplicate the bytes, duplicate the artifact. What I wanted next was harder. I wanted a painting on a wall to carry the same kind of verifiable lineage, and I wanted the digital image of that painting to be bound to the physical object in a way that could be checked by anyone with a phone — without minting, without a marketplace, without a blockchain, and without asking anyone to trust my database.
Trust Systems is the software infrastructure for that binding. It is a desktop application (Tauri v2, Rust core, encrypted local vault) that seals images with C2PA manifests, provisions NTAG 424 DNA NFC tags embedded in the canvas, and verifies the connection between matter and mathematics when someone taps the work. The tag is a seal, not a token. It does not represent ownership on a ledger. It authenticates physical presence at the moment of contact.
The design problem is Benjamin’s problem, stated as engineering. Infinite reproduction strips a work of what Walter Benjamin called aura — its singular presence in time and space. Most provenance systems respond by adding another database: a registry, a chain, a platform. Trust Systems responds by making the file and the silicon disagreeable to forgery. The digital record is a signed C2PA manifest embedded in the JPEG itself, using ES256 (ECDSA P-256) and a standard X.509 certificate chain. The physical anchor is an NXP NTAG 424 DNA chip operating in Secure Dynamic Messaging (SDM) mode. Each tap increments a monotonic read counter and emits a fresh AES-128 CMAC cryptogram. A cloned tag cannot replay yesterday’s tap. A tampered file breaks its signature. The two halves of the work only align when the UID in the manifest matches the UID in the chip, the CMAC validates, and the counter has advanced.
Sealing an artwork is a deliberate act. In the app, the artist selects an image, attaches metadata (title, author, date, license), and optionally selects an enrolled NFC tag. Trust Systems computes a deterministic IPFS CIDv1 from the image bytes (Base32, 256 KB fixed chunker, balanced DAG, raw leaves), injects a custom physical-anchor assertion (org.trustsystems.physical-anchor.v1) containing the tag’s UID, adds a perceptual hash for visual similarity checking, and signs the manifest into the file. The output is a _charmed JPEG that any C2PA-aware verifier can read. Identities, artwork records, and tag state live in a SQLCipher vault on the artist’s machine, keyed with Argon2id from a master password. Nothing is uploaded to a cloud by default. The artist owns the data.
The NFC side is where the airgap closes. Factory-default tags are enrolled through a rigid ISO/IEC 7816-4 sequence: five AES-128 keys derived per tag via HKDF-SHA256 from a vault-secured root secret and the chip’s 7-byte UID, SDM configured for plaintext UID and ReadCtr mirroring with CMAC protection, NDEF File 02 locked to free read and authenticated write. After sealing, the chip is updated with a URL template pointing at the charm.farm tap endpoint:
https://charm.farm/tap?uid={14hex}&ctr={6hex}&cmac={16hex}&v=1&art_id={cid}&iid={uuid}&ch={16hex}&phash={16hex}
The dynamic fields (uid, ctr, cmac) are rewritten by the chip on every tap. The static fields (art_id, iid, ch, phash) bind the tap to a specific manifest: the IPFS CID, the C2PA instance ID, a truncated claim hash, and a perceptual fingerprint. Tap the painting and your phone opens a verification page. The backend — the Oracle Handshake — decrypts the PICCData, checks the CMAC against the derived SDMFileReadKey, confirms the counter is monotonic, and resolves whether the physical object in your hand matches the signed digital record. This is Protocol CF-003. Protocols CF-001 (physical anchor provisioning) and CF-002 (digital ledger / C2PA immutability) are published on charm.farm as open implementation profiles for anyone building high-assurance provenance without a chain.
I have been running this as ceremony as much as software. Charming Art draws on key-signing parties and Fluxus happenings: the artist declares that a specific physical object is theirs, holds the tag to an ACR1252U reader, seals the image with a charm.farm-verified identity, and updates the chip. The technology supports the moment; it does not replace it. The human attestation is still the center. What cryptography adds is durability — a claim that survives decades, galleries, transfers, and reproduction, independent of whether my server is still running.
The current exhibits on charm.farm — including The Temple — are paintings that carry this embedded memory. The digital images on the site are not ordinary files; they are the grounds for charmed entities whose history metabolizes through manifest chaining. Every authorized transfer appends a new signed manifest to the chain. The artifact does not just move through time; it accumulates it.
Trust Systems is built for galleries, private collections, and institutional archives that need provenance without platform lock-in. It is also, frankly, the answer to a personal line of work that started with Evolved Painting and Art Has To Be Real: if the paint is going to come alive, it needs a memory that cannot be faked.
