Three-node workflow that makes local metadata removal provable. Strip a file's metadata in the browser, prove exactly what was removed, bind the sanitization into a canonical receipt, and record the original and cleaned files in a hash-anchored digest manifest. Each stage produces a tamper-evident SHA-256 execution hash, and no file bytes ever leave the browser.
{
"tool": "prove_metadata_sanitization",
"arguments": {
"original_sha256": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
"sanitized_sha256": "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb",
"file_type": "jpeg",
"findings": [
{ "field": "GPSLatitude", "category": "gps", "action": "removed" },
{ "field": "GPSLongitude", "category": "gps", "action": "removed" },
{ "field": "Make", "category": "device", "action": "removed" }
],
"bytes_before": 204800,
"bytes_after": 203100
}
}
{
"tool": "build_conversion_receipt",
"arguments": {
"input_sha256": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
"output_sha256": "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb",
"source_format": "jpeg",
"target_format": "jpeg",
"converter": { "name": "art-193-metadata-sanitization-prover", "version": "1.0.0" },
"parameters": { "removed_categories": ["gps", "device"] }
}
}
{
"tool": "build_digest_manifest",
"arguments": {
"entries": [
{ "name": "photo-original.jpg", "sha256": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "bytes": 204800 },
{ "name": "photo-clean.jpg", "sha256": "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb", "bytes": 203100 }
],
"purpose": "sanitized-image-release",
"sort": "name"
}
}
Run the three tools in order. The sanitization digests feed the receipt builder, and the original and cleaned digests are recorded together in the manifest.
// Step 1: prove what metadata was removed
const step1 = await mcp.call("prove_metadata_sanitization", {
original_sha256: "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
sanitized_sha256: "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb",
file_type: "jpeg",
findings: [
{ field: "GPSLatitude", category: "gps", action: "removed" },
{ field: "Make", category: "device", action: "removed" }
],
bytes_before: 204800,
bytes_after: 203100
});
// Step 2: bind the sanitization edge into a receipt
const step2 = await mcp.call("build_conversion_receipt", {
input_sha256: step1.sanitization_record.original_sha256,
output_sha256: step1.sanitization_record.sanitized_sha256,
source_format: "jpeg",
target_format: "jpeg",
converter: { name: "art-193-metadata-sanitization-prover", version: "1.0.0" },
parameters: { verdict: step1.verdict }
});
// Step 3: record both files in one manifest (final stage)
const step3 = await mcp.call("build_digest_manifest", {
entries: [
{ name: "photo-original.jpg", sha256: step1.sanitization_record.original_sha256 },
{ name: "photo-clean.jpg", sha256: step1.sanitization_record.sanitized_sha256 }
],
purpose: "sanitized-image-release",
sort: "name"
});
console.log("Verdict:", step1.verdict);
console.log("Manifest:", step3.manifest.manifest_sha256);
| Chain slug | document-sanitization-integrity |
| Nodes | art-193 → art-191 → art-194 |
| Cluster | Client-Side Conversions |
| Standards | JPEG (ISO/IEC 10918) · PNG (ISO/IEC 15948) · RFC 8785 (JCS) |
| Spec version | 0.6.0 |
| Terminal export | Policy Mandate JSON · W3C VC (§13.11) |
| Hash scheme | SHA-256 over JCS-canonical {policy_parameters, output_payload} |