Trend report · hn_ai · 2026-06-06

Show HN: Declank – Remove AI Watermarks from Images

Earlier this month, a tool called Declank hit Hacker News with a simple pitch: remove AI watermarks from images. The post gathered modest traction, but it surfaced a tension that's becoming impossible to ignore. As generative AI floods platforms like Instagram, TikTok, and YouTube, the detection arms race has intensified. Creators caught between authenticity norms, platform policies, and watermarking infrastructure need to understand exactly what gets scanned—and why a new class of "identity injection" tools is gaining traction as the only durable countermeasure.

What Platforms Actually Scan For in 2026

Modern AI detection doesn't rely on a single magic signal. It's a layered assessment combining embedded metadata, statistical fingerprints, and behavioral signals. Here's what your image passes through before it earns a "no AI detected" verdict.

C2PA Content Credentials

The Coalition for Content Provenance and Authenticity (C2PA) standardized a metadata format that embeds a signed manifest directly into image files. When a tool like Adobe Firefly or Midjourney generates an image, it injects a c2pa.assertions block containing fields like claim_generator, actions, and a cryptographic signature tied to the creator's x509 certificate.

Platforms increasingly check for the presence of stdschema:derivation assertions. If an image contains a valid C2PA manifest identifying it as AI-generated, platforms may label it or suppress its reach. The manifest travels through most re-saves unless explicitly stripped—making C2PA stripping the first layer of any cleanup workflow.

EXIF and IPTC Metadata Fields

Even without C2PA, AI tools leave traces in standard EXIF headers. Common flags include:

• Software / HostComputer: Values like "Midjourney" or "DALL-E 3" are immediate red flags
• Make and Model: Often blank or set to "Unknown" by generation pipelines
• ImageDescription: May contain prompt text or generation parameters
• XPComment or XPTitle: Sometimes populated with model identifiers

TikTok's detection pipeline has been shown to flag images with non-standard Make/Model combinations—particularly when every other EXIF field is present except these two. It's a statistical fingerprint: human photos from phones almost always include device identification.

Encoder Signatures and Compression Artifacts

AI-generated images have subtle compression artifacts that differ from photos processed through real ISP pipelines. Detection models trained on datasets like LAION analyze:

• DCT (Discrete Cosine Transform) frequency distributions in JPEG blocks
• Noise texture patterns inconsistent with natural scene statistics
• Color histogram anomalies in specific frequency bands

These are harder to spoof than metadata—simply stripping EXIF won't fool a frequency-domain analyzer. However, re-encoding through a phone camera pipeline (not just a software codec) reintroduces authentic compression signatures.

Missing GPS and Geolocation Context

Platforms cross-reference image metadata with account behavior. A photo uploaded from a desktop browser with no GPS coordinates, no camera model, and no lens information raises different flags than a mobile upload with accurate geolocation. Instagram's classifier weighs the presence of GPSLatitude, GPSLongitude, and GPSAltitude alongside the device's expected sensor noise profile.

Stripping all metadata without replacing it creates a "ghost image" problem—there's nothing to authenticate, which itself becomes suspicious.

What Actually Gets Flagged on Instagram and TikTok

Based on creator reports and platform disclosures through 2025-2026:

• Instagram primarily uses metadata scanning on upload and runs secondary frequency analysis on Reels and Stories. Content with active C2PA manifests showing GenAI in the actions field gets auto-labeled. Posts without metadata but with inconsistent compression profiles get reduced reach, not labels.
• TikTok applies stricter AI detection to videos, but still scans images in the same pipeline. The platform has been documented flagging images with Midjourney EXIF tags even after minor crops and re-saves. TikTok's policy distinguishes between "AI-generated" labels (mandatory for C2PA-compliant content) and "reduced distribution" for ambiguous cases.
• Google Search and YouTube have begun surfacing AI content indicators based on C2PA manifests, with YouTube specifically checking actions arrays for c2pa.actions:generated assertions.

The Durable Fix: Strip, Then Inject

Stripping alone isn't enough. Detection systems have learned to flag metadata-free images. The reliable approach is a two-step pipeline:

Step-by-Step: Identity Injection Workflow

1. Strip all AI fingerprints — Remove C2PA manifests, EXIF, IPTC, and XMP data. Tools like our Sora watermark removal guide cover the stripping phase in detail.
2. Pass the image through a mobile encode — Re-encode through a real camera pipeline (iPhone or Android camera API) rather than software transcoding. This reintroduces authentic DCT signatures and sensor noise patterns.
3. Inject phone identity metadata — Set Make to "Apple" (or appropriate OEM), Model to the device identifier, and populate GPSLatitude/GPSLongitude with plausible coordinates. Include realistic DateTimeOriginal and ExposureTime values.
4. Re-sign with clean C2PA — If targeting platforms that check content credentials, generate a new C2PA manifest identifying a human creator. The claim_generator field should reflect a photo editing tool, not a generative AI model.
5. Verify before upload — Run a pre-flight check against an open detection API to confirm no residual AI signals remain.

The critical insight: frequency-domain authenticity comes from a real hardware encode, not metadata manipulation alone. This is why "metadata spoofing" tools fail—they only address the surface layer.

Why This Works When Stripping Alone Doesn't

Detection systems have evolved past naive metadata checks. A stripped image with no camera identity, no GPS, and no compression history looks more suspicious to modern classifiers, not less. The platform's model has been trained on the contrast between authentic mobile photography (GPS present, device metadata present, DCT coefficients consistent with Bayer sensors) and AI generation (metadata often present but wrong, or absent entirely).

Injecting authentic phone identity creates a coherent metadata envelope that matches the compression fingerprints. When both layers align, detection confidence drops below threshold.

The Arms Race Isn't Ending

Platforms are training on larger datasets, incorporating model weights fingerprinting, and expanding C2PA adoption. Declank and similar tools represent one side of an escalating cycle. The tools that last won't just strip watermarks—they'll rebuild coherent photographic identity around the content.

→ Try Calabi free at calabilabs.com — 10 cleans, no card.

Related reading

• Remove the DALL-E watermark
• How the Calabi Sanitizer pipeline works under the hood
• Spoof iPhone 16 Pro Max metadata