Lantern is in active development. Some features may change. Privacy Policy

What's new

Changelog

Every meaningful shipping event for Lantern. Click any release to expand.

v1.3.1

Post-launch hardening pass.

Follow-up release after launch, focused on closing every remaining security nit the day-one audit surfaced. Nothing user-facing is different; the invisible parts are tighter.

Security

  • Strict image-type checks on the public verify-by-image endpoint. The extension and website both use it; now a crafted file pretending to be an image gets rejected before any decoder touches it.
  • Tightened URL checks inside the extension so a hostile page can't trick the extension into fetching attacker-controlled images during auto-scan.
  • Logging out of the website now ends every session everywhere (this was in v1.3.0; v1.3.1 adds the matching server-side tightening for JWT issuer).

Under the hood

  • Heavy image and password operations no longer block other requests on the server. The site stays responsive even when someone uploads a large image.
  • Email addresses are now stored lowercase. Before, Alice@x.com and alice@x.com could coexist as separate accounts; they're the same person now.
  • Self-hosted Fraunces and Inter fonts. The site no longer loads fonts from Google, which means your IP address isn't shared with Google when you visit lantern-us.com.

v1.3.0

Lantern launches.

The Lantern browser extension is live on Chrome and Edge. The website was rebranded and rebuilt to match.

Browser extension

  • The Lantern extension is out on Chrome and Edge. Install it to see verification badges as you browse art platforms.
  • Fixed: the extension's auto-scan now actually runs on feeds that refresh constantly (Twitter, Bluesky, YouTube). It used to keep restarting its own timer and never finish checking images.
  • The popup was redesigned. Theme, scan status, and platform toggles all live in one place instead of behind a second tab.
  • Google Images and Pinterest thumbnail images can now be verified through the extension. They were being silently rejected before.
  • The extension and context menu now always open, even on pages where verification doesn't apply, so you're never left wondering if the click registered.

Website

  • Brand new Lantern logo. Clean vector across every surface: the site, the extension icons, favicons, social preview cards.
  • New About page at lantern-us.com/about explaining what Lantern is, what we believe, and what we won't do.
  • The website works properly on phones now. The menu collapses to a hamburger and expands back without jumping around.
  • Session security: logging out of the website now ends every session you have open (phone, second browser, wherever), not just the tab you're in.
  • Changelog page added. You're reading it.

Behind the scenes

  • Security hardening across the website, the server, and the on-chain registration path.
  • Reliability improvements so registrations that don't confirm on the first try get automatically retried instead of getting stuck.

v1.2.3

The rebrand.

The web app moved to lantern-us.com (from the old glass.lantern-us.com subdomain), and the extension was renamed and redesigned to match.

Website

  • The Lantern web app now lives at lantern-us.com. Old glass.lantern-us.com links still work; they redirect automatically.
  • Privacy policy moved to lantern-us.com/privacy.html.

Browser extension

  • Extension renamed from 'Lantern Glass' to just 'Lantern.'
  • Full popup redesign in the warm cream and serif style to match the website.
  • New 'Sign in via Lantern' button that signs you in on the website and imports the session, no retyping passwords.
  • Dark / light / system theme toggle.
  • In-page badges redesigned as small circular pins that overlay images and expand when you hover.

v1.2.2

Registrations that would have failed now queue up and retry.

If we ever run low on gas (the fuel needed to write to the public record), your registration no longer fails outright.

Registrations

  • When we run low on gas, new registrations queue and retry automatically instead of failing. You see a clear 'queued, will complete soon' message instead of a mystery error.
  • The queue drains automatically as soon as gas is topped up, so you don't have to come back and try again.

Behind the scenes

  • Internal monitoring so we can watch the gas wallet balance and catch problems before they reach you. Admin alerts fire if the balance drops below a threshold.

v1.2.1

Warm gallery redesign.

Full visual overhaul. The old green, developer-y look is gone, replaced with a warm cream palette and serif display type.

Website

  • Complete visual redesign. Warm cream background, terracotta accents, Fraunces serif. The site should feel more like a gallery now and less like a developer tool.
  • New landing page with a demo card, three-step explainer, and 'why different' section.
  • New /gallery page (coming soon) with a preview of registered work.
  • Cleaner navigation with a serif wordmark and a 'Sign In' pill button.

v1.2.0

Log-in fix and older records re-anchored.

Small fixes to the extension's log-in flow, and the first eight legacy records were moved onto the current smart contract.

Browser extension

  • Fixed a bug where logging out of the extension and signing back in again didn't work. The extension was holding a stale state. Now sign-out and sign-in works cleanly.
  • Bundled the font file directly with the extension (it used to load from Google Fonts, which leaked your IP to Google unnecessarily).

Registry

  • Eight legacy records from before the current smart contract were re-anchored on the new contract. All existing registrations are now on the current chain.

v1.1.2

Security audit, top to bottom.

A four-part security audit covered the backend, the website, the extension, and the server. Lots of invisible tightening.

Behind the scenes

  • Full security audit across the backend API, the website, the extension, and the server. Everything was tested against common attack categories (injection, forged tokens, cross-origin abuse, rate-limit bypass, and more).
  • Every high-severity and medium-severity finding was fixed. The API schema is now hidden in production, uploaded-image size is capped at a safe maximum, and account-wide lockout kicks in after 20 failed logins instead of just per-IP.

v1.1.1

The extension now learns platforms from the server.

Structural change: the extension used to hardcode which platforms it worked on. Now it fetches that list from the server at load time.

Browser extension

  • Adding a new platform (say, Bluesky or DeviantArt) no longer requires pushing a fresh extension to the Chrome Web Store. Platforms are added server-side and the extension picks them up the next time it checks in.
  • New verify-by-image flow: right-click any image, upload it, and get a verification answer even if the page has no Lantern ID visible.

Registrations

  • Fixed a rate-limit bug on the verify endpoints. Throttle counters weren't being saved properly, so there was effectively no rate limit on verify. Tightened.

v1.1.0

Register right from the extension.

You can now register a piece of work directly from the browser extension. Right-click the image, pick 'Register,' and you're done.

Browser extension

  • Right-click any image on a supported platform and choose 'Lantern' to verify it or register it, without leaving the page.
  • Login is now built into the extension popup. Email/password, or auto-import if you're already logged into the Lantern website.
  • Before you register, the extension checks that the page author matches one of your linked accounts. Helps prevent accidentally registering someone else's work.

Smart contract

  • Upgraded to a new contract version (v3) with signature deadlines (closes a category of replay attacks) and a safer upgrade path.
  • Disabled the 'renounce ownership' function to close a way we could have accidentally locked ourselves out of future upgrades.

v1.0.0

First public release.

The Lantern browser extension is publicly available. This is the first version anyone can install without being invited.

Launch

  • The extension is live on the Chrome Web Store. Edge Add-ons submitted in parallel.
  • Auto-detects registered work on Twitter/X, Pixiv, DeviantArt, ArtStation, Instagram, and Lantern itself.
  • Five status badges: verified, unverified, disputed, revoked, and 'chain issue' (registered but not yet confirmed on-chain).
  • Click any badge to see the creator, the registration date, and the source URL.
  • Dark mode. Per-platform on/off toggles. Cache controls.

v0.3.0

We now recognize cropped and recompressed images.

The biggest technical jump so far. Even when an image has been cropped, recompressed, or re-encoded, we can still identify it as a registered piece.

Matching

  • Every registered image now gets a visual fingerprint when it's uploaded. When a version shows up somewhere cropped or recompressed, we can still match it back to the original registration.
  • Right-click verify now falls back to visual matching when an exact file match fails.

Browser extension

  • New 'auto-scan' mode (off by default) that looks through art pages and flags registered pieces it recognizes, even on pages with no Lantern ID visible.

Website

  • Dashboard shows a 'Perceptual match' column with a backfill button for older registrations that didn't have a fingerprint yet.
  • Verify page shows 'strong match' and 'likely match' labels when a fuzzy match is found.

v0.2.1

Extension v1 on Edge, plus polish.

The browser extension was published to Edge Add-ons, and a batch of small fixes landed across the site and extension.

Browser extension

  • First release on Edge Add-ons.
  • Fixed a bug where the detail panel would render underneath Twitter images instead of over them.
  • Detail panel now follows the badge as you scroll. Memory-leak fixes on infinite-scroll feeds. Cleaner icon.

Website

  • 404 pages that match the site design, instead of the default nginx error page.
  • Updated favicon and navbar icon (transparent background).

v0.2.0

Stronger signatures and real admin tooling.

Upgraded cryptographic signatures for registrations, plus the first real admin dashboard so we can run the registry responsibly.

Behind the scenes

  • Upgraded to the modern Ethereum standard (EIP-712) for signing registration and revocation requests. More secure and easier for outside parties to audit.
  • Admin dashboard with a chain-integrity audit view, an admin action history, and a platform review workflow with required notes.
  • Rate limiting moved from in-memory to the database, so it survives server restarts.

Browser extension

  • Dark mode.
  • Image-mismatch detection that catches when a page shows a re-encoded version of a registered image.

v0.1.0

The MVP.

The first working version of Lantern. Everything from the smart contract on up.

What shipped

  • Smart contract deployed on Base Sepolia (the test network for the Ethereum-layer we use).
  • Website for registering work, verifying authorship, and linking your platform accounts (Twitter, Pixiv, etc.).
  • Browser extension that auto-detects Lantern IDs on major art platforms.
  • A wallet is generated for every new account and encrypted on our side. You never have to install a wallet or hold a seed phrase.
  • Dispute system for flagging bad registrations.
  • Invite-only registration while we're in early access.