Category · 7 min read

Anatomy of a verified brief

April 20, 2026·GoBrief

A creative brief has been a Word document for 40 years. It lived in email chains and Dropbox folders and Slack threads. It never had a standard shape. It never had a public signature. It was never something a machine could trust.

That was fine when "creative" meant one agency, one deliverable, one deadline. It isn't fine anymore.

Today a record label sends a press kit to 40 journalists, a festival collects 80 sponsor packets, an agency runs 12 concurrent client intakes. Each of those is a two-party exchange with a spec. Each one deserves its own verifiable artifact.

The brief is that artifact. A brief has:

  • One sender (the organization asking)
  • One recipient, or a list of scoped recipients
  • One direction: collect (intake) or deliver (press kit, handoff)
  • N placements, each with a machine-readable spec
  • A privacy posture: AI training off, tracking pixels off, retention disclosed
  • An optional detached signature over the whole thing

That's it. You can write it as JSON. You can publish the schema. You can verify it programmatically.

We did: the full schema is at /.well-known/gobrief-spec.json and the human version is at /spec. The format is public domain (CC0). Any tool can implement it.

Why bother with an open spec?

Because a brief outlives the tool. If your label sends a press kit through GoBrief and the kit needs to be verifiable in five years, the format has to be standard. If a competitor builds a better tool and you want to switch, your briefs should move. If a regulator ever asks "was this asset delivered under embargo," the hash-chained audit log has to answer that without us in the loop.

The brief is a two-party protocol. The moment you lock the protocol to one vendor, you've broken it.

What you get from this, practically

You're a publicist sending a release kit to Rolling Stone. The URL you share is gobrief.co/b/abc123xyz. Elena opens it. She sees the verified-brief trust header. She sees what you're asking (or delivering). She uploads or downloads without creating an account. Every open, every download, every approval is logged to a hash-chained audit trail you can export as JSON and an outside auditor can verify.

No scope creep. No vaporware. Just a brief, done right.

Put the idea to work

Brief your next partner. Free, no credit card.

Start freeWalk a scenario

More stories

How creative actually ships

Why file-request forms kill creative timelines

Dropbox File Request, WeTransfer, Google Forms, and Typeform all converged on the same broken pattern. Here's what they miss, and what good looks like.

Read

Festival ops

How a festival cuts its sponsor-asset cycle from eleven weeks to two

A walkthrough of what actually happens in the 77 days between "sponsor signed" and "assets delivered to the printer" , and which 70% of it is pure coordinator time.

Read