Signed contributions — provable authorship
Future-tech collaboration lives or dies on provenance — who contributed what, and when. Creator solves this with the same Verified-by-Turtini credential primitive that backs org KYB and professional licenses.
What happens when you submit a contribution:
1. The contribution's content (project, workstream, type, title, body, your author id) is canonicalized and hashed with SHA-256.
2. The platform mints an Ed25519-signed `creatorContribution` credential over that hash, naming you as the author and stamping the time.
3. The credential id is recorded on the contribution. A "✓ Verified contribution" link on the contribution opens its public verification page at /trust/{credentialId}.
Why it matters:
- **Independently verifiable** — anyone, inside or outside Turtini, can check the signature against the public key published at trustPublicKeys. Authorship doesn't depend on Turtini staying online.
- **Tamper-evident** — the content hash commits to exactly what you wrote. Change the contribution and the hash no longer matches.
- **Portable + lifelong** — the credential lives on your personal record. Your contribution history follows you across orgs, teams, and years, the same way an athlete carries their dossier.
If signing ever fails (e.g. the signing key is unavailable), the contribution is still saved with its content hash and shown as "Unsigned" so it can be re-signed later — the collaboration is never blocked.