This work addresses the limitations of diffusion models in content provenance, resilience against re-prompting attacks, and precise tampering localization by proposing a dual-channel latent watermarking framework that uniquely integrates global provenance signals with structured content anchors. The method embeds a Gaussian shadow watermark into the initial noise and introduces a learnable latent fingerprint encoder-decoder in the denoising latent space, enabling robust source attribution and fine-grained tampering detection. Experimental results on a benchmark of 2,400 samples demonstrate that both the false rejection rate for authentic images and the false alarm rate for tampered regions remain below 0.5%, while achieving near-perfect detection accuracy under re-prompting, diffusion-based editing, and eight types of localized tampering attacks.

The rapid adoption of diffusion-based generative models has intensified concerns over the attribution and integrity of AI-generated content (AIGC). Existing single-domain watermarking methods either fail under regeneration, remain vulnerable to black-box reprompting that enables adversarial framing, or provide no spatial evidence for tampered regions. We propose Dual-Guard, a dual-channel latent watermarking framework for practical provenance verification, framing resistance, and region-level tamper localization. Dual-Guard combines two complementary anchors: a Gaussian Shading watermark in the initial diffusion noise as a global provenance signal, and a Latent Fingerprint Codec in the final denoised latent as a structured content anchor. Reprompting tends to preserve the former while breaking the latter, whereas localized edits disturb the content anchor only in tampered regions. In Full mode on a 2,400-sample benchmark, Dual-Guard keeps clean-image authentication false rejection and tamper false alarm below one half of one percent, while maintaining near-complete detection under reprompting, diffusion editing, and eight local tampering attacks.