=== RealStamp Verify === Contributors: realstamp Tags: content authenticity, AI detection, verification, provenance, trust Requires at least: 6.0 Tested up to: 6.9 Requires PHP: 7.4 Stable tag: 0.2.0 License: Apache-2.0 License URI: https://www.apache.org/licenses/LICENSE-2.0 Prove your content was written by a real person. Add cryptographic human-provenance verification badges to any WordPress post. == Description == **RealStamp Verify** turns any WordPress post into a cryptographically verifiable piece of human-authored content. Patent pending. Each stamp is: * Signed by a verified human (WebAuthn + liveness) * Cryptographically bound to the exact content (SHA-256) * Anchored in the public Sigstore Rekor transparency log (Linux Foundation) * Verifiable independently with no trust in any single party * Compatible with the C2PA Content Credentials standard (Adobe, Microsoft, BBC, NYT) Three ways to add a badge: 1. **Gutenberg block** — drop the RealStamp Verify block anywhere and paste a pulse token. 2. **Shortcode** — `[realstamp token="xK9mP2..."]` or `[realstamp share="abc123def"]` (the short share-link ID from your stamp page). 3. **Auto-detect** — set a post custom field `realstamp_pulse_token` and the plugin injects a badge automatically. = Who is this for? = * News publishers fighting AI slop * Creators proving original work * Legal and forensic publishing * Any site that wants to display a content-provenance trust signal = How it works = You create a stamp at [realstamp.app](https://realstamp.app/) on your original content. You get a portable pulse token (JWT / SD-JWT). You paste that token into your WordPress post. Readers see a badge; clicking it opens the public verification page which proves: (a) the signer was a real verified human, (b) the content has not been altered since stamping, (c) the stamp is anchored in the public Sigstore Rekor log. = Requires a RealStamp account = This plugin is a consumer of the RealStamp service. Get started at [realstamp.app](https://realstamp.app/). == Installation == 1. Upload the `realstamp-verify` folder to `/wp-content/plugins/`. 2. Activate through the **Plugins** menu. 3. Visit **Settings → RealStamp Verify** to configure auto-detection, style, and badge position. 4. Add a RealStamp block, shortcode, or custom field to any post. == Frequently Asked Questions == = Do I need an API key? = No. Verification is public — anyone can check any stamp. You only need a RealStamp account to create stamps. = Does this slow down my site? = Minimal impact. The Verifier SDK is a ~10 KB ES module loaded from a CDN with deferred execution. No server calls are made until the badge is clicked or a user scrolls it into view. = Is my content data sent anywhere? = No. Verification checks only the signed pulse token. Your post content is not transmitted during verification. = Does this work with AMP? = The current build uses a web component that is not AMP-safe. An AMP-compatible variant is planned for a future release. = Can I verify stamps offline? = Yes — with the offline mode of the SDK. The plugin will expose a UI toggle for it in a future release. = Does this support the new short share links? = Yes. As of 0.2.0 the shortcode also accepts a `share` attribute (`[realstamp share="abc123"]`) so you can paste the short share-link ID from a RealStamp stamp page directly, without needing to copy the full pulse token. Both forms work. == Screenshots == 1. Settings page under Settings → RealStamp Verify. 2. Gutenberg block inserter showing the RealStamp Verify block. 3. Example verified badge rendered on a post. == Changelog == = 0.2.0 — RealStamp v2.0 platform alignment = * New: shortcode `share` attribute — `[realstamp share="abc123"]` accepts the short share-link ID from a RealStamp stamp page, alongside the existing `token` attribute. * New: auto-detect now also recognises a `realstamp_share_link_id` post custom field and `data-realstamp-share` HTML attribute. * Fix: synced version metadata across plugin header, block.json, and stable tag (previous releases drifted between 0.1.0 and 0.1.1). * Compatibility: aligned with RealStamp v2.0 platform release — hardware-bound WebAuthn liveness on iOS and Android, public verifier endpoint, and the shorter `/s/` and `/u/` URL formats. = 0.1.1 = * Fix: switch SDK source to first-party CDN so badges render reliably. = 0.1.0 — Initial public release = * Gutenberg block with inline preview and server-rendered badge. * `[realstamp]` shortcode. * Auto-detect mode with multiple source options. * Settings page (auto-detect, Rekor verification, style, position). * Ships the `@realstamp/verify` web component via jsDelivr CDN. == Upgrade Notice == = 0.2.0 = Adds a `share` attribute alongside `token` in the shortcode and auto-detect, aligning with RealStamp v2.0's shorter share-link format. Fully backward compatible — existing posts continue to render unchanged. = 0.1.0 = Initial public release — please leave feedback on support forum. == Privacy == This plugin embeds a script from `cdn.jsdelivr.net` which loads the RealStamp Verifier SDK web component. No user personal data is sent to third parties by the plugin itself. When a reader clicks a badge, their browser may contact `realstamp.app` to verify the stamp.