Pluck Studio / Bureau

CUSTODY

Browser-extension AI conversation chain-of-custody. Court-admissible captures with WebAuthn-bound operator identity. 60-second journalist verification — drag a CustodyBundle JSON onto the verify page and the FRE 902(13) compliance result appears in your browser, no network round-trip.

The keystone: WebAuthn-bound operator identity

A captured AI conversation is only useful in court if the signer's key survives the Daubert reliability standard. Disk-only Ed25519 keys do not — anyone with file-system access could forge them. CUSTODY ties every capture to a WebAuthn-registered passkey rooted in tamper-evident secure-element hardware. The library verifier flags any bundle without that binding fre902Compliant: false and lists every reason why so an attorney can map straight to admissibility arguments.

What gets captured

  • Full-page DOM snapshot — sha256-pinned, capped at 4 MiB.
  • Every fetch request + response — bodies stored as cassettes by envelopeHash; the spec stays small.
  • Browser fingerprint — user-agent, viewport, IANA timezone, BCP 47 language, sha256 of the canonical sorted plugin set.
  • System clock — capture start + end (so verifiers can detect skew).
  • Operator identity binding — WebAuthn credential id + attestation digest, anchored to the operator's Ed25519 SPKI fingerprint.

Chain-of-custody chain

Every bundle carries an append-only chain of signed events:capture, handoff, publication, verification. Each event's signature is anchored to the prior event's hash, so reordering or dropping an event breaks verification immediately. Chain length is capped at 256; longer flows split into multiple bundles, each anchoring to the prior bundle's chainRootHash.

CLI

pluck bureau custody capture <bundle.json>
pluck bureau custody build <captures-dir> --out <bundle.json>
pluck bureau custody verify <bundle.json> --json
pluck bureau custody export <bundle.json> --subpoena <uuid> --vendor openai --model gpt-4o

Predicate URIs

  • https://pluck.run/CustodyBundle/v1 – the full bundle
  • https://pluck.run/ChainOfCustodyEvent/v1 – single event (lets operators stream-notarize each event)

Phase 6.5 deferral

Phase 6 alpha ships the library + verifier. The full Chrome / Firefox MV3 extension build pipeline (WebAuthn flow, content-script bundle, signing, web-store publish, headless-Chrome integration tests) lands Phase 6.5. The journalist verify flow at /bureau/custody/verify works today against bundles produced by hand or by an out-of-tree capture tool.