The Universal Consent Layer
for AI Identity
One protocol that lets actors, creators, and studios control exactly how AI uses their face, voice, expression, and motion — across every app and pipeline. Built on consent. Revocable by default. Every frame auditable.
Consent-First
Blocked unless authorized
Two-Layer Consent
Visibility + Usage control
Provenance
Verifiable receipts & watermarks
The Internet Lacks Identity Infrastructure
AI generation quality has crossed the “convincing” threshold. The result is legal risk, reputational harm, fragmented deals, and talent opting out entirely.
Unauthorized Generation at Scale
AI makes it cheap to synthesize convincing humans. Likenesses and voices are generated without consent, creating legal risk and reputational harm.
Fragmented Enforcement
No standard method exists to request consent, enforce scope limits, or prove authorization across apps and vendors.
No Standard Verification
Platforms and distributors lack a shared verification method to confirm whether synthetic content was authorized.
Weak Audit Trails
Studios, unions, and talent representatives have no reliable way to audit how identity assets are being used.
Value Misalignment
Value accrues to platforms while talent lacks residual-like economics for their digital identity usage.
Visibility Exposure
Even being searchable or selectable inside an AI app can violate talent intent if platform access was never granted.
Why Now
Two-Layer Consent Engine
DIAP distinguishes between platform visibility and project usage authorization, preventing premature exposure of identities inside AI applications.
Platform Visibility Authorization
A policy decision by the identity owner controlling whether a given AI app can list, search, display, or select their identity. If denied, the identity is completely invisible and unselectable.
Project/Campaign Usage Authorization
A scoped license token grant for a specific project or campaign under a compliance profile. Enables rendering within defined limits and triggers provenance and receipt logging.
Enforcement Flow
Certification Check
App verifies its own DIAP-Certified status via Trust Registry
Visibility Check (PVA)
App checks Platform Visibility Authorization for target identity
Identity Displayed
If allowed, identity may be shown as selectable under listing constraints
License Request (PCUA)
On selection, app creates a scoped LicenseRequest for the project
Token Issuance
Issuer evaluates request against compliance profile; approval yields signed token
Execution & Receipts
Gateway verifies token, enforces scope, produces outputs and provenance receipts
Human-Rooted Authority
Least Exposure
Interoperable
Revocable
Auditable
Policy-First Safety
Protocol Components
A modular, build-ready architecture designed for security, interoperability, and enterprise-grade deployment.
Identity Vault
Stores identity modules (voice, face, expression, motion) with KMS/HSM integration and secure enclave support. Assets never leave the vault without authorization.
Platform Visibility Service
Evaluates PVA policies in real-time. Returns allow/deny decisions with listing constraints (discoverable, invite-only, hidden).
Policy / Consent Engine
Evaluates LicenseRequests against compliance profiles. Manages approval workflows including per-render, per-project, and quota-based modes.
License Authority (Issuer)
Issues signed, PoP-bound license tokens. Manages quotas, audit logs, and delegation from the DIAP Central Authority.
Revocation Registry
Low-latency revocation checks with push-based updates and webhooks. Supports license, app, and campaign-level revocation with emergency kill switches.
Execution Gateway
The enforcement point. Verifies tokens, enforces policy, routes generation through adapters, and emits events for provenance tracking.
Provenance Service
Watermarking and receipt generation. Verification endpoints enable downstream platforms to confirm authorization of any synthetic output.
Trust Registry Service
Central directory of certified issuers, apps, keys, and revocation endpoints. The root of trust for the entire DIAP ecosystem.
Developer Portal & SDKs
Registration, key management, conformance tests, and integration examples. Integrate once, be compliant everywhere.
Studio Compliance Suite
Approvals dashboard, audit exports, role-based controls, and campaign management for enterprise studio workflows.
Identity Modules
Identity is represented as independent modules with explicit purpose limitation and sensitivity metadata. Each module can be licensed independently.
VoiceModuleVoice embeddings and synthesis parameters
VOICE_RENDERFaceModuleFacial geometry, texture, and appearance
FACE_RENDERExpressionModuleFacial expression mapping and control
EXPRESSION_RENDERMotionModuleBody motion capture and kinematics
MOTION_RENDERFootprintModuleOptional persona metadata (not required for core auth)
Rights Taxonomy & Scope
Rights
TRAINING_USE is explicitly separate from render/inference rights.
Scope Dimensions
Approval Modes
Protocol Mechanics
Certificates, tokens, receipts, and verification endpoints — the building blocks of machine-enforceable consent.
Proof-of-Consent Certificate
VERIFIEDEvery AI-generated frame carrying a human likeness embeds a DIAP PoC Certificate in its metadata. This is the cryptographic proof that consent was obtained before render.
Verification Semantics
Token Verification
Signature chain to certified issuer in Trust Registry + PoP binding + scope checks + revocation status
Receipt Verification
Signature chain + output hash match + watermark payload validation for downstream proof
Platform Verification
Distribution platforms can require valid receipts for any monetized synthetic human content
Revocation & Threat Model
Short-lived tokens reduce blast radius by limiting exposure window
Revocation Registry: revoke by license_jti, app_id, or campaign
Push-based revocation for emergency kill-switch behavior
Gateway enforcement: registry check required at render time
Threat Model
Trust Registry (Root of Trust)
The DIAP Central Authority anchors global verification through the Trust Registry. It maintains certification status and root trust keys that allow any participant to validate whether a token/receipt is authentic and whether an issuer/app is compliant.
Root Keyset
Signs Trust Registry snapshots and updates
Issuer Registry
Approved License Authorities with public keys
App Registry
DIAP-Certified apps, versions, and status
Revocation Endpoints
Per-issuer revocation check endpoints
Policy Profiles
Canonical IDs for compliance conformance tests
Key Rotation
Documented procedures for compromise response
ScriptModule
Writer & authorship protection. A first-class protected asset type for authored writing and project literary materials — extending DIAP with consent-first script governance.
Non-goal: ScriptModule is not a replacement for copyright registration, chain-of-title, or legal guild processes. It is a technical enforcement and audit layer that ensures scripts are handled according to their owner's authorized policies within AI systems.
Protected Writing Assets
DIAP is primarily an identity authorization protocol (voice / face / expression / motion). However, studio-grade compliance requires protecting writing assets and their authorized downstream use — especially when scripts are used to generate derivative outputs or as training material.
Any authored writing used in development/production — screenplay drafts, outlines, treatments, bibles, pitch decks, scene text, dialogue, alt-lines, script notes, revisions.
The natural person(s) who authored the Script Asset, or an authorized rights holder/representative (estate, production company) acting on their behalf.
Any AI-assisted generation using Script Assets as input/context — new scenes, dialogue, scene variants, summaries, character breakdowns.
Using Script Assets to train/fine-tune a model, build embeddings for general reuse, or incorporate content into persistent model weights beyond the specific job.
Rights Taxonomy (Writing)
Industry Implementation
From film production to distribution verification, DIAP provides the consent infrastructure for every stage of the AI identity pipeline.
Film & Television
Previs, dubbing, localized promos, and digital doubles under strict scope. Union-ready controls with mandatory checkpoints for role/script approval and final output review.
No-photoshoot posters & key art via Marketing Avatar Workflow
DIAP-Certified design tools check PVA before showing talent
Creative-lock checkpoints: shortlist approval, final select
Every exported output carries receipt/watermark for verification
Audit bundles for legal/compliance; usage statements for talent
Advertising & Marketing
Actor avatars for posters, billboards, social ads, and international variants. Brand-safe compliance profiles with reputational protection.
FACE_RENDER + EXPRESSION_RENDER under DIAP-Brand-Safe
Territory-specific licensing with global campaign support
Creative-lock workflow ensures brand alignment
Per-line or per-spot approvals for sensitive campaigns
Games & VR
Motion and voice licensing with usage statements. Real-time rendering authorization with quota-based approval modes.
MOTION_RENDER + VOICE_RENDER scoped to game/experience
Quota-based authorization for interactive applications
Watermarked outputs for distribution verification
Education & Enterprise
Authorized speaker avatars with mandatory disclosure and comprehensive audit trails. Non-commercial constraints enforced by policy.
DIAP-Education-NonCommercial profile with disclosure_required
Blocks on political persuasion, endorsements, fundraising
Full audit trail for institutional compliance
Distribution Verification
"Was this authorized?" — verification for platforms. Distribution platforms can require valid receipts for monetized synthetic human content.
Receipt verification via /v1/receipts/verify endpoint
Watermark scanning toolkit for platform-level compliance
High-volume verification API for content moderation
Studio Marketing Workflow: No-Photoshoot Posters & Key Art
DIAP turns identity usage into a controlled, auditable workflow that mirrors existing entertainment contract structures.
Studio uses DIAP-Certified design tool (e.g., Nano Banana Studio Tier)
Tool checks Platform Visibility Authorization for Actor X
If allowed, Actor X is selectable under listing constraints
Studio requests marketing-static rights (FACE_RENDER + EXPRESSION_RENDER) under DIAP-Brand-Safe
Actor/rep approves with optional creative-lock checkpoints
Design tool generates variants; only authorized final selects are exported
Every exported final select carries receipt/watermark
Studio obtains audit bundle; actor receives usage statement + compensation
Localization & Dubbing
VOICE_RENDER scope granted per territory/language with strict rating and claim restrictions. Per-line approvals supported for sensitive campaigns.
Union-Ready Controls
Mandatory checkpoints (role/script approval, final output review). Exportable statements for reps. Distribution hold for disputes. Training rights always separate.
Policy Presets
Standardized policy templates that define approval modes, category blocks, provenance requirements, and audit exports. Stored as first-class policy objects.
Talent-Strict
Maximum control for public figures
Brand-Safe
Commercial use with reputational safety
Union-Ready
Union-style approvals and dispute workflows
Indie Creator
Low friction licensing with provenance
Enterprise-Verified
High assurance for studios/enterprises
Education / Non-Commercial
Learning/research with strict constraints
Transparent Pricing
DIAP monetizes infrastructure and compliance — not a percentage of talent pay. Talent access to vault and policy controls is free or subsidized to maximize participation.
Central Authority Access
SDK + registry access + certification + verification endpoints for AI applications.
Studio Compliance Suite
Dashboard, approvals, audit exports, and campaign management for studio workflows.
Distribution Verification
High-volume verification API + watermark scanning toolkit for platforms.
Enterprise Security Pack
Dedicated tenancy, SLAs, advanced attestations, and incident response.
Annual Fee
A predictable annual subscription covers platform access, certification, compliance tooling, and baseline API capacity. Designed to fit studio procurement models — one line item, no surprises.
Usage-Based Billing
Beyond the base tier, usage scales with your actual consumption. Pay only for what you use — billed monthly, metered transparently. No percentage-based fees on talent compensation.
Why This Pricing Model Works
Procurement Fit
Studios buy SaaS tools, not usage taxes. DIAP fits existing procurement workflows with a single, predictable line item.
Predictability
Annual fees give budget certainty. Usage-based overages are transparent and proportional — no hidden multipliers.
Neutrality
No percentage of talent pay avoids conflict-of-interest perception with compensation structures.
Scalability
Supports massive volumes across multiple apps and platforms. Marginal cost decreases as usage grows.
Standardization Path
DIAP starts centralized for speed and evolves to federation as unions, studios, and major platforms participate. Common verification always anchored.
Centralized Pilot
Single DIAP Central Authority + delegated issuers. Publish spec, schemas, and conformance tests publicly. Launch DIAP-Certified program.
Multi-Issuer Expansion
Multiple certified issuers (studios, unions) listed in the registry. Pilot with anchor talent + studio marketing workflow. Expand to localization/dubbing.
Federation Governance
Multi-party steering, transparent audits, standardized key ceremonies. Multi-stakeholder governance for studios, unions, and platforms.
DIAP-Certified Program
Conformance test suite ensures apps enforce tokens correctly and emit receipts
Security requirements: key handling, PoP binding, audit logging, revocation checks
Versioned certification tied to app version + integration mode
Ongoing compliance with periodic audits; immediate suspension for violations
Operational Security & Key Management
Formal key ceremonies and rotation schedules for Trust Registry root keys
Issuer key rotation requirements and incident reporting SLAs
Audit logs and tamper-evident storage for critical events
Emergency suspension process for compromised apps/issuers
Standardization Strategy
Publish DIAP spec + schemas + conformance tests publicly
Launch DIAP-Certified program for AI apps and studio modules
Pilot with anchor talent + studio marketing workflow including PVA
Expand to localization/dubbing and distribution verification
Form multi-stakeholder governance for federation