Integrate ARR
Detect, display, and honor creative attribution on your platform
Why Integrate ARR?
As AI-generated content becomes ubiquitous, users and creators alike want clarity about what they're seeing. ARR provides a standard way to surface creative intent and attribution without requiring complex legal frameworks.
BUILD TRUST
Show users that your platform respects creator attribution. Transparency builds loyalty.
ZERO COST
No licensing fees, no API keys, no accounts. ARR is infrastructure, not a product.
FUTURE-PROOF
As regulations evolve, platforms with attribution infrastructure will be better positioned.
Integration Levels
Level 1: Detection & Display
The simplest integration. When content is uploaded or displayed, check for an ARR attestation and show a badge if present.
import { extractAttestationFromMetadata, verifyAttestation } from '@allrightsrespected/sdk';
// On file upload or display
async function checkAttestation(fileBuffer) {
const metadata = extractAttestationFromMetadata(fileBuffer);
const signed = metadata?.signed;
// For non-image formats, check a sidecar file in your storage layer.
if (!signed) {
return { hasAttestation: false };
}
const result = verifyAttestation(signed);
return {
hasAttestation: true,
valid: result.valid,
expired: result.expired,
attestation: signed.attestation
};
}
{
"hasAttestation": true,
"valid": true,
"expired": false,
"attestation": {
"version": "arr/0.1",
"id": "uuid",
"created": "2026-02-04T04:12:34.000Z",
"creator": "https://yourplatform.com/users/123"
}
}
Level 2: Attestation Creation
Allow creators to add attestations when uploading content. Provide a simple UI for entering intent and generating signed attestations.
import { signAttestation, embedAttestationInMetadata, writeSidecar } from '@allrightsrespected/sdk';
// On upload, if user opts in
async function addAttestation(file, userIntent, userPrivateKey) {
const attestation = {
version: 'arr/0.1',
id: crypto.randomUUID(),
created: new Date().toISOString(),
creator: `https://yourplatform.com/users/${userId}`,
intent: userIntent,
tool: 'manual-upload',
revocable: true
};
const signed = signAttestation(attestation, userPrivateKey);
if (file.type === 'image/png' || file.type === 'image/jpeg') {
return embedAttestationInMetadata(file, signed);
}
await writeSidecar('./upload.bin', signed);
return file;
}
Level 3: Full Integration
Complete ARR support including key management, revocation checking, and upstream attribution chains.
- User key generation and secure storage
- Periodic revocation list checking
- Upstream attestation traversal and display
- Attestation renewal workflows
Integration Principles
NEVER REQUIRE ARR
Content without attestations must be treated equally. Requiring ARR for upload or visibility violates the protocol's principles.
SHOW, DON'T ENFORCE
ARR is for visibility, not gatekeeping. Display attestation information; don't use it for access control.
RESPECT EXPIRATION
Expired attestations should be displayed differently. Don't treat them as invalid—they're historical records.
PRESERVE METADATA
When processing images, preserve XMP metadata including attestations. Don't strip attribution.
Platforms that strip attestation metadata, require ARR for access, or use ARR for content filtering are violating the protocol's principles and will not be recognized as conformant implementations.
Display Guidelines
Badge Placement
Show attestation badges near the content, not hidden in menus. Users should see attribution status at a glance.
Status Indicators
- Valid — Signature verified, not expired
- Expired — Signature verified, past expiration date
- Unverified — Cannot verify signature (missing key)
- Invalid — Verification failed (`invalid_signature`, `unsupported_version`, or `malformed`)
- None — No attestation present (neutral, not negative)
Detail View
On click/tap, show full attestation details: creator identifier, intent, tool used, creation date, expiration date, and license if present.
Consider adding a "Learn more about ARR" link to help users understand what attestations mean. Point to allrightsrespected.com or create your own explainer page.
Get Started
Ready to integrate? Here's how to begin:
- Install packages:
npm install @allrightsrespected/sdkandnpm install -g @allrightsrespected/cli(CLI command:arr) - Optional for contributors: build from source with
npm install && npm run build - Start with Level 1: detection and display
- Test with
packages/arr-cliand conformance fixtures infixtures/conformance/v0.1 - Gradually expand to Levels 2 and 3 based on user demand