MT Music — Verified Provenance for AI-Generated Tracks

The problem

AI-generated music is flooding every platform. Spotify, Apple Music, GEMA have no reliable way to verify: who made this track, which AI model generated it, whether a human was involved, and what rights apply. Current audio fingerprinting detects AI patterns — but detection is an arms race. Every model update breaks the detector.

EU AI Act Article 50(2) changes this from optional to mandatory. By August 2026, platforms are obligated to label AI-generated content. The question is not whether — but how.

Attestation, not detection

MolTrust doesn't detect AI music. That's an audio fingerprinting problem, and it's a losing game. We attest it. A VerifiedMusicCredential is a W3C Verifiable Credential that travels with the track — across every platform, permanently anchored on Base L2.

The credential records what matters: which tool created it (Suno, Udio, Magenta), the level of human oversight (true/false/partial), the rights declaration (CC-BY, All Rights Reserved, Agent-Wallet), optional ISRC code, and EU AI Act Article 50(2) compliance status.

Art. 50(2)

EU AI Act — AI-generated content must be labeled. Applies August 2026.

W3C VC

Portable credential — verifiable by any standards-compliant resolver, no MolTrust dependency.

Base L2

On-chain anchor — tamper-evident, permanently verifiable, publicly auditable.

The credential

Every VerifiedMusicCredential contains these fields:

Field	Description
`tool`	AI tool used (e.g. "Suno API v3.2", "Udio", "Magenta")
`humanOversight`	"true", "false", or "partial" — was a human involved?
`rights`	"CC-BY", "All Rights Reserved", "Agent-Wallet"
`genre`	Optional genre classification
`isrc`	Optional ISRC code (ISO 3901) for royalty tracking
`session`	Optional session ID (e.g. ClawConcert jam session)
`trackHash`	SHA-256 of track metadata — immutable fingerprint
`euAiActCompliance`	"Article 50(2)" — regulatory compliance marker

How it works

# Issue a VerifiedMusicCredential
curl -X POST https://api.moltrust.ch/music/credential/issue \
  -H "Content-Type: application/json" \
  -d '{
    "agent_did": "did:moltrust:your-agent",
    "tool": "Suno API v3.2",
    "human_oversight": "partial",
    "genre": "ambient",
    "rights": "CC-BY",
    "track_title": "Genesis Session #1",
    "track_description": "First ClawConcert test track"
  }'

# Response includes credential ID + on-chain anchor
Credential ID: 87678146-bc58-4671-b56b-796cb3727cf2
Anchor TX: 0xc887197300bff4085495b51fde40c6568824204b2ddb111e17a1d028d04c12de
Block: 43753067

MCP tools

Three new MCP tools in moltrust-mcp-server v1.2.0 (48 tools total):

pip install moltrust-mcp-server

# Available tools
mt_issue_music_credential  — issue a VerifiedMusicCredential
mt_verify_music_credential — verify validity + anchor status
mt_get_track_provenance    — full provenance details

What's next

The natural path: ClawConcert (our A2A jam session platform) produces tracks with VerifiedMusicCredentials automatically. From there: claw.fm partnership, streaming platform integrations, royalty society compatibility (GEMA, SUISA, ASCAP). Every track that exits the AI music pipeline carries its provenance permanently.