Content Provenance
on CloudFront
Deploy a Lambda@Edge function that adds invisible provenance markers to every article served through CloudFront. One CloudFormation template. No CMS changes. Free for all publishers.
How It Works
Three steps from zero to signed articles on CloudFront. One CloudFormation stack, one distribution trigger.
Launch the Stack
Deploy the Encypher Lambda@Edge function with a single CloudFormation template. The stack creates the Lambda function, IAM role, and DynamoDB cache table. No application code changes required.
Associate with Your Distribution
Attach the Lambda@Edge function to your CloudFront distribution as an origin-response trigger. All HTML responses pass through the function before reaching readers.
Protect Every Article
Every article on your site receives invisible provenance markers at the edge. When that content is copied, scraped, or republished, you can trace it back to its source.
Works With Your CMS
The Lambda@Edge function detects and protects article content automatically across every major publishing platform. No per-CMS configuration needed.
WordPress
Self-hosted and WordPress.com
Ghost
All Ghost-powered publications
Squarespace
Blog and article pages
Webflow
Rich text content blocks
Substack
Newsletter and post pages
Hugo / Jekyll
Static site generators
News Wires
AP, Reuters, and wire formats
Custom HTML
Any site with configurable selectors
Free vs. Enterprise
Full content provenance is free for every publisher. Enterprise adds leak detection, C2PA compliance, granular licensing, and unlimited volume.
| Feature | Free | Enterprise |
|---|---|---|
| Content provenance on every article | ||
| Sentence-level content tracking | ||
| Automatic CMS compatibility | ||
| Zero performance impact | ||
| Guaranteed site availability | ||
| Monthly article volume | 1,000 articles | Unlimited |
| Leak source identification | - | |
| C2PA manifest compliance | - | |
| Granular content licensing per segment | - | |
| Custom deployment configuration | - | |
| Attribution analytics dashboard | - | |
| Dedicated support and named account manager | - |
Built for Publisher Sites
Designed for reliability at CDN scale. No performance impact on your site, no risk to availability.
Works With Every CMS
Automatic content detection across WordPress, Ghost, Squarespace, Webflow, Substack, Hugo, news wires, and custom HTML. No per-CMS configuration needed.
Invisible, Persistent Protection
Provenance markers are invisible to readers. They survive copy-paste into Google Docs, Slack, social media, and AI prompts, so you can trace content wherever it travels.
DynamoDB Edge Caching
Signed content plans are cached in DynamoDB with native TTL. Subsequent requests for the same article resolve from cache with no API round-trip.
Your Site Never Breaks
If anything goes wrong, the function serves your original page unchanged. Provenance is additive. It never degrades your site availability or reader experience.
Protect Every Article on CloudFront
One CloudFormation stack. DynamoDB caching at the edge. Know where your content goes when it is copied, scraped, or ingested by AI.