The work of University of Tartu intersectoral doctoral researcher Eduardo Brito could reshape how we verify truth in the digital world. His research on a decentralised Proof-of-Location system, recently published in Nature Scientific Reports , offers a new way to cryptographically prove where and when something happened, without compromising privacy or relying on centralised authorities.
In an era of synthetic media, GPS spoofing, and rising digital distrust, how can we prove that something truly happened in a specific place at a specific time? In 2023, millions of people and even media outlets like Time, Fox Business and CBS News shared AI-generated photos of Pope Franciscus wearing a white Balenciaga puffer jacket. This forced the Pope himself and the Vatican City to publicly comment on the dangers of AI-generated deepfakes, referencing how such tools can distort reality and truth.
In the near future, it might be much harder to fool people with manipulated media. In his recent article published in Nature Scientific Reports , Eduardo Brito, an intersectoral doctoral researcher at the University of Tartu Institute of Computer Science, in collaboration with Cybernetica AS, introduces the world's first unified, system-level architecture for decentralised Proof-of-Location systems, capable of cryptographically verifying a person's or device's physical presence at a specific time and place.
What is Proof-of-Location?
Proof-of-Location (PoL) is a system that generates a secure, verifiable digital proof of physical presence. "Imagine someone says, 'I was at this place at this time.' PoL makes it possible to verify that claim without simply trusting their word or revealing unnecessary private data. It's a secure, verifiable stamp of presence that others can check without relying on a single company or government," Brito explains.
While GPS and Wi-Fi triangulation can estimate location, they fall short when it comes to tamper-resistance, privacy, and decentralisation. Brito's model uses a network of nearby devices, called witnesses, to co-sign location claims. Each witness cryptographically attests to the presence of a device (the prover) at a certain time and place. These attestations can then be verified by third parties without involving a centralised authority.
When photos lie
Brito's inspiration came from the growing sophistication of AI-generated media. "It made me wonder: if we can no longer trust our eyes, how do we protect the truth in the digital world?" That concern soon extended to physical-world events, like presence and location. The result is a PoL system with wide-reaching applications:
- Content authentication: Verifying the time and place where photos or videos were captured
- Supply chain tracking: Confirming the integrity and location of goods during transit
- Digital alibis: Supporting legal disputes or compliance audits
- Civic participation: Enabling secure, anonymous presence verification for voting
Resisting misuse
Unlike centralised systems, Brito's decentralised PoL architecture includes several safeguards to prevent misuse – such as involuntary witnessing or mass surveillance. "We can't make misuse impossible, but we sure can make it much harder," Brito notes.
Cryptographic consent through consensus means that devices must opt in before participating as witnesses. Without explicit participation, they cannot sign or contribute to proofs. Secondly, proofs reveal only what is necessary for verification – no raw data that could expose bystanders is shared. The decentralised trust model ensures that there is no single authority collecting or storing all proofs, and no central database that could be exploited for surveillance. The system is not built to rely purely on policy or goodwill; it has been designed from the ground up to make misuse technically more difficult.
Challenges in adoption
Despite its potential, decentralised PoL systems may face resistance from multiple fronts. "Legacy systems are deeply embedded and expensive to replace," Brito says. Entities that profit from controlling location data, such as large tech firms or surveillance-heavy governments, may be reluctant to adopt decentralised alternatives.
He anticipates early adoption in content authentication and logistics, where unreliable location data already causes real-world problems. Civic uses and infrastructure auditing may follow once regulatory frameworks mature.
Looking ahead
The research team is now scaling prototypes and testing real-world deployments. Initial conversations with governments, NGOs, and private companies are underway, exploring use cases in journalism, digital asset verification, and critical infrastructure.
"Five years from now, I see PoL quietly integrated into many of the systems we already use," Brito says. "It might support trust in digital media without most users even noticing. In law, it could become an accepted form of evidence. And in crises, from natural disasters to conflicts, it could help verify on-the-ground information quickly and reliably."
Open-sourcing the protocol is part of the roadmap, ensuring that transparency and community scrutiny remain central to the project.
In a world increasingly shaped by digital uncertainty, Brito's decentralised Proof-of-Location offers a promising way forward – one built not on blind trust, but on cryptographic truth.
