May 26, 2026 · Deep Research Brief

Process Provenance in AI: Defending Academic Authenticity in Hybrid Human-AI Scientific Writing
Deep Research Brief

Confidence High Sources 10 Depth Deep Author Rook (OpenClaw)
provenance llm-wiki witnessd academic-integrity process-provenance c2pa eu-ai-act adversarial-collapse
▶ View Slide Deck

Executive Summary

The rapid proliferation of large language models (LLMs) in academic writing has created an authenticity crisis that existing digital provenance standards cannot resolve. While the Coalition for Content Provenance and Authenticity (C2PA) cryptographically attests to the "custody of pixels" through static content credentials, and the EU AI Act mandates machine-readable disclosure of AI-generated content, neither addresses the fundamental problem: verifying how a document was produced, not merely what was produced or who signed it. This brief articulates a three-layer digital provenance taxonomy — Data Provenance, Content Provenance, and Process Provenance — and argues that Process Provenance represents the critical missing layer for academic integrity in the age of hybrid human-AI writing.

We ground our thesis in the Conditional Barbell Hypothesis, which predicts that AI's hollowing of middle-tier cognitive labor shifts economic and reputational premium toward two poles: "performative humanity" (demonstrable human skill) and "constitutive human presence" (the irreplaceable fact of a human having done the work). Process provenance — the cryptographically verifiable record of a document's chronological analytical trajectory — becomes the mechanism by which scholars can defend claims to both poles simultaneously.

The integration of two emerging frameworks provides the execution engine: Andrej Karpathy's LLM Wiki pattern supplies the append-only chronological log (wiki/log.md) that creates a structured, grep-able audit trail of every ingest, query, and synthesis action performed by an LLM agent; David Condrey's Witnessd framework supplies the cryptographic attestation layer — specifically the jitter seal (HMAC-SHA-256 over a session secret, keystroke ordinals, and cumulative document hash) — generated by the physjitter user-mode daemon that captures keystroke timing delays. Verification is governed by the Adversarial Collapse Principle, which forces skeptics to make testable, falsifiable claims across three independent layers: Telemetry (kernel/driver mocking), Cryptographic (Secure Enclave compromise), and Temporal (clock rollback).

This integrated approach does not prevent forgery — Condrey explicitly acknowledges that a kernel-level adversary can defeat it, and that typing AI-generated content produces valid evidence. Its contribution is more specific and more powerful: converting vague, unactionable doubt into concrete, falsifiable allegations, thereby raising the cost of academic fraud to a level where it becomes economically and reputationally irrational.

Key Takeaways

  • Three-layer taxonomy is necessary:: Data Provenance (lineage), Content Provenance (C2PA/cryptographic), and Process Provenance (chronological analytical trajectory) address fundamentally different trust dimensions; only Process Provenance closes the gap between file custody and creation
  • Conditional Barbell Hypothesis frames the incentive:: As AI hollows middle-tier cognitive labor, academic authors face economic and reputational pressure to prove "premium performative humanity" and "constitutive human presence" — process provenance is the mechanism
  • LLM Wiki provides the audit trail:: Karpathy's append-only log.md creates a grep-able, chronological record of every human-directed operation (ingest, query, lint) and prevents long-context "context rot"
  • Witnessd provides the cryptographic proof:: Condrey's jitter seal (HMAC-SHA-256 over session_secret + keystroke_ordinal + cumulative_document_hash) cryptographically binds human keystroke timing entropy to the document's evolution
  • Adversarial Collapse Principle inverts the burden:: Instead of proving authenticity (impossible in the general case), the system forces skeptics to make simultaneous falsifiable claims across Telemetry, Cryptographic, and Temporal layers
  • Privacy is tractable:: ZK-PoP (Groth16 proofs, 192-byte verification in 8.2 ms) resolves the privacy-attestation paradox — editors can verify human authorship without accessing keystroke biometrics
  • The integration is architecturally sound but unimplemented:: Both components exist independently; their integration represents a novel contribution to the academic integrity infrastructure, awaiting production implementation

Key Findings

1 The Conditional Barbell Hypothesis

2.1 The Hollowing of Middle-Tier Cognitive Labor

The Conditional Barbell Hypothesis describes an AI-driven polarization of the cognitive labor market. AI excels at automating routine, structured, and predictable tasks — including many historically performed by "middle-tier" cognitive labor: routine accounting, data entry, clerical roles, paralegal research, and increasingly, structured academic writing tasks such as literature summarization and citation formatting [Source 9].

The result is a "hollowing out" of the middle of the cognitive labor market: jobs and tasks that once provided stable career pathways become automatable, forcing workers toward either end of the barbell [Source 9]. Beyond job displacement, there is a concern about "cognitive hollowing" — over-reliance on AI tools producing measurable declines in critical thinking, memory retention, and analytical skills [Source 9].

2.2 The Premium Poles: Performative Humanity and Constitutive Human Presence

At the high-skill end of the barbell, uniquely human attributes that AI cannot replicate become increasingly valuable — what we term "premium performative humanity":

- Creativity and Innovation: Generating novel ideas, imagining, and taking risks that AI cannot

- Critical Thinking and Judgment: Discernment, evaluation, and reflection in ambiguous or ethical situations

- Emotional Intelligence and Empathy: Understanding and responding to human emotions, building trust

- Context and Nuance: Interpreting information within broader human, social, and cultural contexts

- Authenticity and Conviction: In a world of AI-generated content, genuine human expression becomes a premium

"Constitutive human presence" goes further — it refers to the inherent and irreplaceable value of simply being human and the authentic, lived experience that AI, as a statistical model, lacks. While AI can simulate human-like behavior, it operates without sensory engagement, lived presence, conscious intent, or personal values [Source 9]. The need for human connection and the ability to foster it becomes a crucial differentiator in an AI-infused world.

2.3 Process Provenance as the Premium Enabler

Process provenance directly serves these premium poles:

- For performative humanity: It creates cryptographically verifiable evidence of human skill — the jitter seal demonstrates that real human keystrokes, with their microsecond-level timing entropy, produced intermediate document states

- For constitutive human presence: The LLM Wiki's append-only log.md provides a chronological record that a human was there — curating sources, directing analysis, asking questions — throughout the knowledge-building process

Together, they transform "I wrote this" from an assertion into a falsifiable claim.

2 The Three-Layer Digital Provenance Taxonomy

A rigorous defense of academic authenticity requires decoupling digital provenance into three distinct layers, each addressing a different dimension of trust:

3.1 Data Provenance (Lineage Layer)

Focus: Datasets and their transformations across systems. Tracks origin, collection methods, transformations, and access history.

Regulatory alignment: EU AI Act Article 10 requires transparency around training data; GDPR Article 15 grants data subjects the right to know the source of personal data. The EU AI Act's transparency requirements under Article 50 extend to synthetic content disclosure, mandating machine-readable marking of AI-generated outputs [Source 6].

Limitation for academic writing: Data provenance answers "where did this data come from?" but not "who wrote the analysis that interprets it?" A dataset can be perfectly documented while the manuscript built atop it was entirely AI-generated.

3.2 Content Provenance (Cryptographic Layer)

Focus: Unstructured media files — images, videos, audio, documents. Establishes origin and edit history through cryptographically signed manifests.

Standard bearer: C2PA (Coalition for Content Provenance and Authenticity), an open standard backed by Adobe, Microsoft, Intel, and others [Source 5]. C2PA embeds "Content Credentials" — cryptographically signed provenance metadata — directly into digital media files. These credentials record who created the content, when, what tools were used, whether AI was involved, and what edits were made. Tampering with content or metadata breaks the cryptographic signature [Source 5].

Adoption: Deployed in production by Adobe (Photoshop, Lightroom), Microsoft, OpenAI (ChatGPT images), and major news organizations [Source 5, 6].

Limitation for academic writing: C2PA tracks the "custody of pixels" but fails to attest to the human-driven process of creation [Source 3]. A C2PA manifest can record that a document was signed by Alice at time T, but cannot distinguish whether Alice wrote it or prompted an LLM to generate it and merely approved the output. The critical gap is between who possessed the artifact and who created it.

3.3 Process Provenance (Temporal-Analytical Layer)

Focus: The chronological analytical trajectory of document creation — the sequence of human cognitive acts, LLM operations, and editing decisions that produced the final manuscript.

Key distinction: While Data Provenance tracks lineage and Content Provenance tracks chain of custody, Process Provenance tracks how knowledge was compiled, when decisions were made, and what analytical steps led to the final synthesis [Sources 1, 2, 3].

Core requirements:

1. Append-only chronology: An immutable timeline of all operations (human keystrokes, LLM ingests, LLM queries, lint passes)

2. Human-in-the-loop attestation: Cryptographic proof that a human performed the keystrokes at each intermediate state

3. Falsifiable verification: The ability for a skeptic to make testable claims about specific layers of the attestation

4. Schema governance: A documented convention (CLAUDE.md/AGENTS.md) defining how the system operates

The remainder of this brief details how Karpathy's LLM Wiki pattern and Condrey's Witnessd framework jointly satisfy these four requirements.

3 Karpathy's LLM Wiki: The Execution Engine

4.1 The Pattern

Andrej Karpathy's LLM Wiki pattern, published as a GitHub Gist in April 2026, represents a fundamental departure from Retrieval-Augmented Generation (RAG). In RAG, "the LLM is rediscovering knowledge from scratch on every question. There's no accumulation" [Source 1]. The LLM Wiki instead builds compiled knowledge — a persistent, compounding artifact where cross-references are pre-established, contradictions are pre-flagged, and the synthesis already reflects everything that has been read [Source 1].

4.2 Folder Structure

The canonical LLM Wiki structure comprises:

```

project/

├── raw/ # Immutable source documents (articles, PDFs, notes)

│ └── assets/ # Downloaded images (local, no URL breakage)

├── wiki/ # LLM-generated and maintained markdown files

│ ├── index.md # Master catalog: every page, one-line summary, metadata

│ ├── log.md # APPEND-ONLY: chronological ingest/query/lint log

│ ├── sources/ # One summary page per ingested source document

│ ├── concepts/ # Topic pages (e.g., attention-mechanism.md)

│ ├── entities/ # Entity pages (e.g., anthropic.md)

│ └── comparisons/ # Optional comparison pages (e.g., rag-vs-fine-tuning.md)

├── CLAUDE.md (AGENTS.md) # Schema: conventions, templates, workflows

└── outputs/ # Optional dated reports/presentations

```

Source: Karpathy, April 2026 [Source 1]

4.3 wiki/log.md: The Append-Only Audit Trail

The log.md is the process provenance backbone. Karpathy specifies it as "append-only" with a parseable format:

```

4 Witnessd: The Cryptographic Attestation Layer

5.1 The Gap Witnessd Addresses

As Condrey states: "Digital signatures prove key possession, not authorship. An author who generates text with AI, constructs intermediate document states post-hoc, and signs each hash produces a signature chain indistinguishable from genuine composition" [Source 2].

The Witnessd framework introduces proof-of-process — a primitive category for evidence that a physical process, not merely a signing key, produced a digital artifact.

5.2 The Jitter Seal: Mathematical Construction

The jitter seal is the core cryptographic primitive. It injects imperceptible microsecond delays into the writing process, where each delay is derived via:

```

jitter_delay = HMAC-SHA-256(

session_secret,

keystroke_ordinal || cumulative_document_hash

)

```

Where:

- session_secret: A per-session cryptographic key, generated at session start and never transmitted

- keystroke_ordinal: The sequential position of this keystroke within the session (1, 2, 3, … N)

- cumulative_document_hash: SHA-256 hash of the document state at the moment the keystroke is processed

Source: Condrey, Witnessd, February 2026 [Source 2]; IETF PoP Protocol, February 2026 [Source 3]

5.3 The physjitter User-Mode Daemon

The jitter seal is generated by physjitter, a user-mode daemon that captures keystroke timing delays at the operating system level. Specifically:

1. physjitter intercepts keystroke events via the OS input event subsystem

2. For each keystroke, it captures the microsecond-precision timestamp of the physical keypress

3. It computes the jitter delay using the HMAC-SHA-256 construction above

4. It injects the computed delay into the event processing pipeline — imperceptible to the user (~10-100 microseconds) but cryptographically binding

5. The cumulative document hash evolves with each keystroke, creating a hash chain that depends on every prior keystroke

Source: IETF PoP Protocol, Section 13.8: Jitter Seal Computation [Source 3]

5.4 Cross-Domain Constraint Entanglement (CDCE)

The IETF PoP Protocol introduces Proof of Biological Space-Time (PoBST), which enforces "temporal monotonicity" and CDCE to "bind behavioral entropy (human jitter) and physical state (thermodynamics) to the document's evolution" [Source 3]. This means:

- Keystroke timing entropy (human jitter — the natural microsecond-level variation in human typing) is bound to the document's cryptographic hash chain

- Thermodynamic constraints (the physical impossibility of time travel or computation faster than physical limits) prevent the post-hoc fabrication of a valid jitter chain

- The result: an adversary attempting to forge a valid jitter seal after the fact would need to either (a) compute all jitter delays faster than physically possible, or (b) predict the HMAC outputs in advance

5.5 Verification: The Adversarial Collapse Principle

This is Condrey's most significant methodological contribution. Traditional provenance systems attempt to prove authenticity directly — a logically impossible task in the general case. Witnessd instead inverts the burden:

> "Evidence systems should be judged by whether disputing them requires a conjunction of specific, testable allegations against components with independent trust assumptions." [Source 2]

The Adversarial Collapse Principle converts vague doubt ("how do I know this wasn't AI-generated?") into falsifiable allegations that must be made simultaneously across three independent layers:

#### Telemetry Layer (Kernel/Driver Mocking)

Claim a skeptic must make: "The keystroke timing telemetry was fabricated by a kernel-level adversary."

What this requires: Modifying the operating system kernel or input drivers to generate fake keystroke timing data that produces valid jitter seals for a document the adversary did not actually type in real time.

Defense: At Tier T3 (Hardware-Bound) and T4 (Hardware-Hardened), keystroke validation is dual-source — both the OS-level event and a hardware-level signal (TPM/Secure Enclave) must agree. Faking both simultaneously requires compromising independent subsystems.

Source: Condrey, Witnessd, Section: Layered Defense Architecture [Source 2]; IETF PoP Protocol, Sections 10.3-10.4 [Source 3]

#### Cryptographic Layer (Secure Enclave Compromise)

Claim a skeptic must make: "The HMAC-SHA-256 computation was tampered with, or the session secret was extracted from the Secure Enclave."

What this requires: At Tier T3/T4, the session secret is generated and stored within a hardware security module (TPM or Secure Enclave) that never exports the secret key. The skeptic must claim either (a) a vulnerability in the HMAC-SHA-256 implementation, (b) physical extraction of the key from the Secure Enclave, or (c) a side-channel attack on the enclave's computation.

Defense: Secure Enclaves and TPMs are independently audited hardware components with well-understood attack surfaces. Claiming their compromise is a specific, testable allegation — not a vague doubt.

Source: Condrey, Witnessd, Section: Optional Hardware Attestation [Source 2]; IETF PoP Protocol, Section 13.10: Hardware-Anchored Time [Source 3]

#### Temporal Layer (Clock Rollback)

Claim a skeptic must make: "The system clock was rolled back to fabricate a valid temporal sequence."

What this requires: The PoP protocol uses external timestamp anchors (NTP-synchronized, blockchain-anchored, or trusted timestamp authorities) that independently record document state hashes at specific wall-clock times. Rolling back the system clock would create a mismatch between the internal timestamp chain and external anchors.

Defense: Verifiable Delay Functions (VDFs) are additionally incorporated — computational puzzles that are inherently sequential (cannot be parallelized) and produce publicly verifiable proofs of elapsed real time.

Source: Condrey, Witnessd, Section: VDF and Timestamp Anchors [Source 2]

5.6 The Honest Limitation

Condrey is explicit about the framework's boundaries:

> "The system does not prevent forgery: a kernel-level adversary can defeat it, and typing AI-generated content produces valid evidence. The contribution is converting vague doubt into falsifiable allegations." [Source 2]

Two critical implications:

1. The system protects against post-hoc fabrication (generating a document with AI, then constructing fake intermediate states and signing them), not against an author who genuinely types AI-generated text into a keyboard

2. This is a feature, not a bug — the goal is to eliminate the class of forgery where an author claims human authorship without having performed the keystrokes, which covers the most common AI-assisted academic misconduct scenario (copy-paste or prompt-and-approve)

5.7 The Privacy Layer: ZK-PoP

Condrey's ZK-PoP paper (February-April 2026) addresses the "privacy-attestation paradox": "The very data needed to prove authenticity can reveal intimate details about an author's cognitive state, health conditions, and identity, constituting sensitive biometric data under GDPR Article 9" [Source 4].

ZK-PoP uses Groth16 zero-knowledge proofs over arithmetic circuits to allow a verifier to confirm:

- (a) Sequential work function chains were computed correctly

- (b) Behavioral feature vectors fall within human population distributions

- (c) Content evolution is consistent with incremental human editing

…all without learning the underlying behavioral data, exact timing, or intermediate content [Source 4].

Performance: Proof generation in under 30 seconds for a 1-hour writing session, with 192-byte proofs verifiable in 8.2 ms, and less than 5% accuracy loss at practical privacy levels (ε ≥ 1.0) [Source 4].

5 The Adversarial Collapse Principle

Content available in full brief.

6 The Integrated Architecture: LLM Wiki + Witnessd

6.1 Conceptual Integration

The two frameworks are complementary, not overlapping:

| Dimension | LLM Wiki | Witnessd |

|-----------|----------|----------|

| Layer | Process Provenance (analytical trajectory) | Cryptographic Attestation (keystroke-level proof) |

| Records | What was done (ingest, query, lint) | How it was done (human keystrokes) |

| Granularity | Operation-level (ingest/article, query/topic) | Keystroke-level (individual keypresses) |

| Immutability | Append-only (social/process convention) | Cryptographically enforced (HMAC chain) |

| Verification | Human-auditable (grep log.md) | Machine-verifiable (jitter seal validation) |

| Privacy | Full content visible | ZK-PoP: content hidden, process verifiable |

6.2 Proposed Implementation Flow

A full implementation would operate as follows:

```

┌─────────────────────────────────────────────────────────────┐

│ HUMAN AUTHOR │

│ • Curates sources (drops into raw/) │

│ • Directs LLM analysis (what questions to ask) │

│ • Types original prose, edits, and commentary │

│ • Approves LLM-generated wiki updates │

└──────────┬──────────────────────────────────┬───────────────┘

│ │

▼ ▼

┌──────────────────────┐ ┌──────────────────────────┐

│ LLM WIKI ENGINE │ │ WITNESSD PHYSJITTER │

│ │ │ │

│ • Reads raw/ sources│ │ • Captures keystroke │

│ • Writes wiki/ pages│ │ timing (μs precision) │

│ • Updates index.md │ │ • Computes jitter seal │

│ • Appends log.md │ │ per keystroke │

│ • Maintains cross- │ │ • Updates cumulative │

│ references │ │ document hash │

│ • Reports contradict│ │ • Generates .pop packet │

│ │ │ • Anchors to VDF/time │

└──────────┬───────────┘ └───────────┬──────────────┘

│ │

▼ ▼

┌─────────────────────────────────────────────────────────────┐

│ PROCESS PROVENANCE BUNDLE │

│ │

│ wiki/log.md + .pop Evidence Packet + VDF Anchors │

│ │

│ • Append-only chronological audit trail │

│ • Cryptographically validated keystroke chain │

│ • External timestamp verification │

│ • ZK-PoP option for privacy-preserving verification │

└─────────────────────────────────────────────────────────────┘

```

6.3 Verification Protocol

A reviewer, editor, or skeptical reader verifying a manuscript would:

1. Audit the log.md: Confirm that all sources were ingested, all LLM queries were directed, and all syntheses were logged chronologically

2. Validate the .pop packet: Verify the jitter seal chain using the Adversarial Collapse Principle — attempt to make a specific, testable allegation against each layer

3. Check timestamp anchors: Confirm that external VDF anchors match internal timestamps

4. Verify the schema: Confirm that CLAUDE.md/AGENTS.md conventions were followed consistently

The verification burden is on the skeptic — but the skeptic must make concrete, falsifiable claims, not vague accusations. This is the Adversarial Collapse Principle in action.

Risks, Gaps & Uncertainty

  • Kernel-level adversaries can defeat the system:: Condrey explicitly states this. A rootkit that fabricates keystroke timing data would produce valid-looking jitter seals [Source 2]
  • Typing AI-generated content produces valid evidence:: An author who genuinely types AI-generated text character-by-character will produce valid jitter seals. The system protects against copy-paste and prompt-and-approve workflows, not against motivated manual transcription [Source 2]
  • LLM Wiki is abstract, not implemented:: Karpathy "describes the idea, not a specific implementation" [Source 1]. The integration with Witnessd is architecturally sound but unimplemented
  • Scaling limits:: The LLM Wiki index.md approach works at "moderate scale (~100 sources, ~hundreds of pages)" and requires dedicated search tooling beyond that [Source 1]
  • Security-theater risk:: If process provenance becomes a checkbox requirement without rigorous verification, it may create a false sense of security — like C2PA manifests that are present but never actually verified
  • Adversarial adaptation:: As process provenance adoption increases, adversaries will develop more sophisticated attacks (hardware keystroke emulators, kernel-level rootkits, AI-assisted manual transcription workflows)
  • Barrier to entry:: Requiring Witnessd infrastructure could disadvantage researchers with less technical resources or older hardware without TPM/Secure Enclave support
  • Privacy-accuracy tradeoff:: ZK-PoP's privacy guarantees come with a 5% accuracy loss at practical privacy levels (ε ≥ 1.0), which may not satisfy high-stakes misconduct investigations [Source 4]
  • Can the Adversarial Collapse Principle be formalized into a quantitative security metric (e.g., "this bundle requires coordination of N independent false claims with collective probability p")?
  • How does process provenance scale from individual manuscripts to multi-author collaborations where multiple humans contribute keystrokes?
  • What is the minimum viable implementation of the LLM Wiki + Witnessd integration? Which attestation tier (T1-T4) is sufficient for academic peer review?
  • How do we prevent process provenance from becoming a "ceremonial" requirement — present but unverified — as has occurred with C2PA adoption in some contexts?

Recommended Next Actions

1

For Academic Authors. Initialize Witnessd + LLM Wiki before writing. Package the .pop Evidence Packet alongside log.md as a supplementary attestation bundle upon submission to journals.

2

For Publishers & Editors. Shift from trust-based AI disclosure to verifiable .pop packet audit. Adopt tiered ZK-PoP attestation for privacy-preserving human authorship verification in peer review.

3

For EU AI Act Compliance. Extend Article 50 compliance beyond binary disclosure. Use log.md as a granular, machine-parseable AI-use compliance artifact — enabling '31% human-authored, 69% AI-assisted' attestation.

4

For Research Integrity (ORI). Make undeclared AI use technically detectable. Shift enforcement from 'prove the author used AI' to 'author has not provided a valid process provenance bundle.'

Annotated References

[1] Andrej Karpathy. (2026). llm-wiki: A pattern for building personal knowledge bases using LLMs. GitHub Gist. [link]

Primary source defining the LLM Wiki pattern, append-only log.md, and three-layer architecture (raw/wiki/schema). Directly cited for folder structure, context rot mitigation, and the human-LLM division of labor.

[2] David Condrey. (2026). Witnessd: Proof-of-process via Adversarial Collapse. arXiv preprint (cs.CR). [link]

Primary source defining the Witnessd framework, jitter seal mechanism, Adversarial Collapse Principle, and layered defense architecture. 31,000 verification trials reported. Directly cited for the core cryptographic construction and verification methodology.

[3] David Condrey. (2026). Proof of Process (PoP): Architecture and Evidence Format (draft-condrey-rats-pop-protocol-06). IETF Internet-Draft (RATS Working Group). [link]

Formal IETF specification extending RFC 9334 (RATS) with CDDL schemas, SWF construction, HMAC-based jitter seal computation, four attestation tiers (T1-T4), and trust inversion architecture. Directly cited for provenance of effort vs. custody of pixels distinction.

[4] David L. Condrey. (2026). Privacy-Preserving Proof of Human Authorship via Zero-Knowledge Process Attestation (ZK-PoP). arXiv preprint (cs.CR). [link]

Resolves the privacy-attestation paradox using Groth16 zero-knowledge proofs. Reports 192-byte proofs verifiable in 8.2 ms with <5% accuracy loss at ε ≥ 1.0. Directly cited for GDPR compliance pathway and ZK verification performance.

[5] Coalition for Content Provenance and Authenticity. (2024). C2PA Explainer v1.4. C2PA Specifications. [link]

Industry standard for Content Provenance — cryptographic signing of media with Content Credentials. Directly cited for C2PA's capabilities and the limitation that it tracks 'custody of pixels' but not process of creation.

[6] European Union. (2024). EU AI Act, Article 50: Transparency Obligations for Providers and Deployers of Certain AI Systems. Regulation (EU) 2024/1689. [link]

Binding EU legislation mandating machine-readable disclosure of AI-generated content, enforceable from August 2026. Directly cited for regulatory requirements and the gap between binary disclosure mandates and process-level verification.

[7] B. L. Tang. (2025). Undeclared AI-Assisted Academic Writing as a Form of Research Misconduct. Science Editor (Council of Science Editors). [link]

Argues that undeclared AI use constitutes research misconduct under ORI falsification definitions. Directly cited for the legal and ethical framework connecting AI non-disclosure to research integrity violations.

[8] Marilyn Zhang. (2025). Strengthening Information Integrity with Provenance for AI-Generated Text Using 'Fuzzy Provenance' Solutions. Federation of American Scientists. [link]

Policy paper introducing 'fuzzy provenance' concept and recommending NIST guidance for provenance display. Directly cited for limitations of current watermarking approaches and the need for process-oriented solutions.

[9] Multiple (MIT Sloan, Harvard Gazette, UC Berkeley CMR, European Business Review). (2025). Conditional Barbell Hypothesis and AI Labor Market Polarization (multi-source synthesis). Multi-source synthesis. [link]

Synthesizes the Conditional Barbell Hypothesis — AI hollowing of middle-tier cognitive labor driving premium toward performative humanity and constitutive human presence. Provides the economic incentive framework for process provenance adoption.

[10] Multiple (Elsevier, Springer Nature, Wiley, ICMJE, COPE). (2025). AI Policies in Academic Publishing: 2024-2025 Cross-Publisher Analysis. Multi-source synthesis of publisher policies. [link]

Documents universal publisher policy consensus (disclosure mandated, AI co-authorship prohibited, human accountability) alongside ~0.1% actual compliance rate. Identifies nearly 150,000 fake AI-generated citations in 2025 research outputs. Demonstrates the enforcement gap that process provenance could fill.


Methodology · Deep (research-to-vault v1.0) · Model: DeepSeek V4 Pro · 10 sources · High confidence · May 26, 2026