=== RealStamp Verify ===
Contributors: realstamp
Tags: content authenticity, AI detection, verification, provenance, trust
Requires at least: 6.0
Tested up to: 6.9
Requires PHP: 7.4
Stable tag: 0.1.1
License: Apache-2.0
License URI: https://www.apache.org/licenses/LICENSE-2.0

Prove your content was written by a real person. Add cryptographic human-provenance verification badges to any WordPress post.

== Description ==

**RealStamp Verify** turns any WordPress post into a cryptographically verifiable piece of human-authored content. Patent pending. Each stamp is:

* Signed by a verified human (WebAuthn + liveness)
* Cryptographically bound to the exact content (SHA-256)
* Anchored in the public Sigstore Rekor transparency log (Linux Foundation)
* Verifiable independently with no trust in any single party
* Compatible with the C2PA Content Credentials standard (Adobe, Microsoft, BBC, NYT)

Three ways to add a badge:

1. **Gutenberg block** — drop the RealStamp Verify block anywhere and paste a pulse token.
2. **Shortcode** — `[realstamp token="xK9mP2..."]`
3. **Auto-detect** — set a post custom field `realstamp_pulse_token` and the plugin injects a badge automatically.

= Who is this for? =

* News publishers fighting AI slop
* Creators proving original work
* Legal and forensic publishing
* Any site that wants to display a content-provenance trust signal

= How it works =

You create a stamp at [realstamp.app](https://realstamp.app/) on your original content. You get a portable pulse token (JWT / SD-JWT). You paste that token into your WordPress post. Readers see a badge; clicking it opens the public verification page which proves: (a) the signer was a real verified human, (b) the content has not been altered since stamping, (c) the stamp is anchored in the public Sigstore Rekor log.

= Requires a RealStamp account =

This plugin is a consumer of the RealStamp service. Get started at [realstamp.app](https://realstamp.app/).

== Installation ==

1. Upload the `realstamp-verify` folder to `/wp-content/plugins/`.
2. Activate through the **Plugins** menu.
3. Visit **Settings → RealStamp Verify** to configure auto-detection, style, and badge position.
4. Add a RealStamp block, shortcode, or custom field to any post.

== Frequently Asked Questions ==

= Do I need an API key? =

No. Verification is public — anyone can check any stamp. You only need a RealStamp account to create stamps.

= Does this slow down my site? =

Minimal impact. The Verifier SDK is a ~10 KB ES module loaded from a CDN with deferred execution. No server calls are made until the badge is clicked or a user scrolls it into view.

= Is my content data sent anywhere? =

No. Verification checks only the signed pulse token. Your post content is not transmitted during verification.

= Does this work with AMP? =

The current build uses a web component that is not AMP-safe. An AMP-compatible version is planned for 0.2.

= Can I verify stamps offline? =

Yes — with the offline mode of the SDK. Not exposed in this plugin UI yet; will land in 0.2.

== Screenshots ==

1. Settings page under Settings → RealStamp Verify.
2. Gutenberg block inserter showing the RealStamp Verify block.
3. Example verified badge rendered on a post.

== Changelog ==

= 0.1.1 =
* Fix: switch SDK source to first-party CDN so badges render reliably.

= 0.1.0 — Initial public release =
* Gutenberg block with inline preview and server-rendered badge.
* `[realstamp]` shortcode.
* Auto-detect mode with multiple source options.
* Settings page (auto-detect, Rekor verification, style, position).
* Ships the `@realstamp/verify` web component via jsDelivr CDN.

== Upgrade Notice ==

= 0.1.0 =
Initial public release — please leave feedback on support forum.

== Privacy ==

This plugin embeds a script from `cdn.jsdelivr.net` which loads the RealStamp Verifier SDK web component. No user personal data is sent to third parties by the plugin itself. When a reader clicks a badge, their browser may contact `realstamp.app` to verify the stamp.
