Deloy
Back to the blogCompliance

Deloy DNA: why every track signs its own authorship

The AI Score and the HMAC-SHA256 certificates aren't a technical feature — they're the foundation everything else rests on.

Cristian AranedaMay 05, 2026 · 6 min read

The most uncomfortable question we get when we explain Deloy is always the same: how do I know that what I produced with your tool is mine? It's the right question. If you can't answer it, you don't have a serious product.

What Deloy DNA is

Every time you export a track from Deloy, we generate a certificate signed with HMAC-SHA256 that contains four things: the SHA-256 hash of the final export, the AI Score (the percentage of AI contribution measured at session time), the timestamp and the signature. That signature is validated with a key that lives on the server side — it can't be forged by editing the file's metadata.

Why it matters

In the era of generative AI, "I made this" stops being a claim you can defend with your word. Labels, platforms, regulators and partners need to be able to verify it. If your track has 24% AI contribution, it's better that this number is recorded immutably — it protects the producer, it protects the label, it protects the artist whose references trained the virtual Producer.

How the AI Score is measured

It's not a number we estimate at the end. While you produce, Deloy records every suggestion accepted vs. rejected, every parameter the virtual Producer proposes vs. the ones you choose, every block generated vs. the ones you write by hand. The AI Score visible in the plugin is the honest aggregation of those decisions. When you accept more suggestions, the number goes up. When you work from scratch, the number goes down.

What we don't do

We don't sign things we can't verify. If a producer imports stems from outside, we can't know whether those stems were generated with another AI. The Deloy DNA certificate covers what Deloy sees inside the session. It's honest about what it claims and honest about what it doesn't.

How labels use it

The labels we're working with integrate the certificate into their publishing and sync pipelines. When a track goes through their legal flow, the certificate is one of the inputs. If the AI Score exceeds a threshold, an additional review is applied. If it's below, it follows the normal flow. But the decision is made with verifiable data, not the producer's word.

Keep reading

An abstract music production interface with orange light lines on a dark background, representing AI assisting in Ableton Live
Producción musicalMay 26, 20269 min

How to use AI in Ableton without losing control of your music

AI can speed up your production in Ableton or turn your tracks into something you no longer recognize. The difference is in how you use it. A practical guide to make AI work for you, not instead of you.

Read
An abstract soundscape of orange lines on a dark background, representing the landscape of music AI in 2026
IndustriaMay 24, 202612 min

The state of AI in music, 2026

87% of creators already use AI. Deezer receives 30,000 fully generated tracks per day. Spotify removed 75 million. The Wild West phase is ending and the rules phase is beginning. This is what's really happening, and where it's heading.

Read
An orange sound wave split into two halves on a dark background, representing human and AI contribution
IA y autoríaMay 21, 20268 min

AI won't take your authorship — if we build it right

The real fear isn't that AI makes music. It's that it takes the credit. That problem isn't solved with good intentions: it's solved with infrastructure. Here's which one.

Read