Overview
- Cisco released the open-source Model Provenance Kit on Thursday, publishing the code on GitHub along with a starter fingerprint set covering about 150 base models on Hugging Face.
- The toolkit screens architecture first and then runs five checks on the learned weights to score whether two transformer models come from the same source.
- On a 111-pair benchmark, the kit posted an F1 score of 0.963 with 96.4% accuracy; its four misses all involved models altered by extreme distillation or major structural edits.
- It runs on CPU in compare or scan modes, caches features for reuse, works with any transformer with downloadable weights, and leaves out tokenizer signals to avoid false matches.
- Cisco also published a Model Provenance Constitution that defines derivation at the weight level to support licensing, incident response, and compliance needs referenced by the EU AI Act and NIST guidance.
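The article describes the kit's approach only at a high level: gate on architecture first, then run weight-level checks and aggregate them into a same-source score. The sketch below is a toy illustration of that two-stage pattern, not the Model Provenance Kit's actual API; every name (`arch_matches`, `provenance_score`, the config keys) is hypothetical, and per-tensor cosine similarity stands in for the kit's five unspecified checks.

```python
# Toy sketch of an "architecture gate, then weight checks" pipeline.
# All function names and config keys here are invented for illustration;
# they are NOT the Model Provenance Kit's real interface.
import numpy as np

def arch_matches(a: dict, b: dict) -> bool:
    """Screen on structural hyperparameters before touching weights."""
    keys = ("num_layers", "hidden_size", "num_heads")
    return all(a.get(k) == b.get(k) for k in keys)

def cosine(u: np.ndarray, v: np.ndarray) -> float:
    return float(np.dot(u, v) / (np.linalg.norm(u) * np.linalg.norm(v)))

def provenance_score(cfg_a: dict, w_a: dict, cfg_b: dict, w_b: dict) -> float:
    """Return 0.0 if the architectures differ; otherwise average a set of
    weight-level similarity checks (here, per-tensor cosine similarity)."""
    if not arch_matches(cfg_a, cfg_b):
        return 0.0
    checks = [cosine(w_a[name].ravel(), w_b[name].ravel()) for name in w_a]
    return float(np.mean(checks))

# Toy usage: identical weights score 1.0; a mismatched architecture scores 0.0.
cfg = {"num_layers": 2, "hidden_size": 4, "num_heads": 2}
rng = np.random.default_rng(0)
weights = {"layer0": rng.normal(size=(4, 4)), "layer1": rng.normal(size=(4, 4))}
print(round(provenance_score(cfg, weights, cfg, weights), 3))
```

Gating on architecture before computing weight similarities mirrors the ordering the article describes and avoids comparing tensors of incompatible shapes.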
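The reported benchmark numbers are internally consistent, which a quick calculation confirms: 111 pairs with 4 misses leaves 107 correct, matching the stated 96.4% accuracy. (The F1 of 0.963 cannot be reconstructed from the article alone, since the precision/recall split is not given.)

```python
# Cross-check the reported accuracy from the pair count and miss count.
total_pairs = 111
misses = 4
accuracy = (total_pairs - misses) / total_pairs  # 107 / 111
print(f"{accuracy:.1%}")  # prints "96.4%"
```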