The certificate of authenticity is supposed to be the one piece of infrastructure that outlives the artist. In practice, most COA solutions being sold to artists today contain a hidden dependency: they stop working when someone else's server goes offline.

Here's how I evaluated the options and why I landed on the only one that doesn't require trust in a third party to keep functioning.

The problem with paper

Paper COAs are easy to forge, easy to lose, and impossible to verify independently. A printed certificate with a signature and a holographic sticker tells the buyer exactly one thing: someone owned a printer and a holographic sticker. For work sold at the price point where provenance matters, paper is not a serious answer.

The art world has known this for decades. Foundations have stopped issuing paper certificates after getting sued over forgeries that carried apparently legitimate documentation. The format is broken. Nobody disputes this.

Platform-based digital certificates

Verisart is the most common solution artists reach for. It timestamps certificate data on the Bitcoin blockchain and links NFC chips or QR codes to digital records. On the surface, this looks solid. Blockchain-backed provenance. Identity verification. A clean interface.

The part that gets less attention: the NFC chips Verisart uses are standard off-the-shelf tags. They store a serial number that points to a record on Verisart's platform. The chip itself cannot prove anything cryptographically. It's a pointer to someone else's database. If Verisart shuts down, restructures, or simply changes its API, the link between your physical chip and its digital record depends on whether the company keeps its infrastructure running. The blockchain timestamp survives, but the verification pathway breaks.

The same structural problem applies to most NFC-based authentication platforms. Standard NFC tags use symmetric cryptography, meaning a secret key must be stored on a server somewhere to verify the chip. Anyone who compromises that server, or anyone who outlives that server, inherits the ability to forge or the inability to verify. For a medium that's supposed to last longer than a company's business model, that's a fundamental design flaw.

NFT-as-COA

Minting an NFT as a standalone certificate solves the server dependency problem, but creates a new one: the token and the physical object have no binding relationship. An NFT can be transferred without the art changing hands. The certificate of authenticity and the artwork it certifies can end up with different people, which defeats the purpose entirely.

What Arx HaLo actually solves

HaLo chips are the first NFC tags built on asymmetric cryptography. Each chip self-generates a unique keypair. The private key never leaves the chip and cannot be extracted. The public key can be stored anywhere, on-chain, in a database, on paper, without creating a security risk.

The practical consequence: a HaLo chip can prove its own identity by generating a cryptographic signature on demand. No server call. No API. No company that needs to stay in business. You hold your phone to the chip, it signs a challenge, and the signature can be verified against the public key. The chip is self-certifying.

The PBT standard (EIP-5791) takes this further. It binds the chip's public key to an on-chain token, then enforces a constraint that the token can only be transferred when someone physically has the chip and scans it. The NFT cannot move without a fresh signature from the hardware. This means the certificate of authenticity is physically locked to the artwork. Ownership of the digital record requires possession of the physical piece.

For algorithmic art that already lives at the intersection of code and physical material, this is the architecturally correct solution. The provenance system reflects the same principles as the work itself: deterministic, verifiable, independent of institutional validation.

The honest limitations

HaLo chips require the buyer to have an NFC-enabled phone. Most smartphones made after 2018 qualify, but it adds a step. The on-chain component means someone needs to interact with a blockchain, which is still a usability barrier for buyers who aren't crypto-native. The chips are more expensive than standard NFC tags. And the ecosystem is young, so tooling and documentation are still maturing.

I can live with all of this. The alternative, picking a solution that's easier to set up today but structurally dependent on a company's continued existence, optimizes for convenience at the cost of the thing a COA is supposed to provide: permanence.

Why this matters for machine-executed art

Every MCHN.ART piece is a unique physical execution of an algorithm. The code, the machine, and the environmental conditions at the moment of execution make each piece unreproducible. A provenance system for this work should match that rigor. A certificate that relies on someone else staying online is a certificate with an expiration date you can't see. A self-certifying chip embedded in the piece is provenance that works as long as cryptography works.

The art outlasts the artist. The certificate should too.