QPI v2: Evolving QR Codes into Trustworthy Physical Data Containers

Colten Jacob (2026)

Abstract: Building on the Foundation

Let's be honest—QR codes are underutilized. We've built this remarkable global infrastructure for machine-readable symbols, with error correction baked right into the standard, and we use them almost exclusively as glorified hyperlinks. QPI v1 asked the provocative question: "What if the QR code wasn't a link, but the data itself?" This paper takes that question and runs with it, addressing every practical limitation head-on.

The original QPI specification showed how to encode images directly in QR codes, creating self-contained digital artifacts you could hold in your hand. But the community had questions: "What about larger images?" "How do we prevent tampering?" "Can this actually work in the real world?"

QPI v2 answers: "Yes, and here's exactly how." This isn't just theoretical—it's a complete, robust specification you could implement this week. We'll explore multi-QR chunking, integrated verification, compression optimized for the QR environment, and even tie into the fascinating "Trust on First Scan" model to create something genuinely new: trustworthy physical data.

1. Introduction: From Clever Hack to Robust Standard

The first QPI paper established something important: QR codes can be containers. This simple shift in perspective opens doors to applications we haven't even imagined yet. A printed menu that's machine-verifiable. A concert ticket that contains its own artwork and verification. An ID card where the photo is stored right there in the barcode.

But as with any good idea, the devil's in the details. A single QR code has limited capacity (~3KB max). Real-world images need more space. Real-world applications need security. Real-world users need reliability.

QPI v2 addresses these challenges with elegant solutions that respect the constraints of the medium. We're not trying to turn QR codes into something they're not—we're discovering what they could be with careful engineering.

2. The Core Insight: Physical Data has Different Rules

Before we dive into the technical details, let's establish a philosophical principle: Physical data transmission has different constraints than network transmission.

On the internet, we assume:

· Essentially unlimited bandwidth
· Bidirectional communication
· Reliable delivery
· Server-side processing

In the physical world with QR codes:

· Each scan is a one-shot transmission
· No retries unless you rescan
· Error correction is baked in but finite
· The medium itself can be damaged

QPI v2 is designed for this reality from the ground up.

3. Chunking: Breaking the 3KB Barrier

3.1 The Problem Everyone Noticed

Let's address the elephant in the room first. The original QPI paper showed that a single QR code could store small images: maybe a 32×32 RGB logo or an 80×80 grayscale portrait. Useful, but limited.

But what if we don't limit ourselves to one QR code?

3.2 Distributed QPI: A Simple Yet Powerful Idea

Imagine a large image split across multiple QR codes, like a puzzle. Each piece contains:

1. A chunk of the image data
2. Metadata about its position
3. Information about the whole image

Suddenly, our capacity is N × 3KB, where N is the number of QR codes. A poster with 16 QR codes could store ~48KB of data—enough for a 256×256 color image with compression.

3.3 The Chunking Protocol (Simple Version)

Here's how it works in practice:

[Image Identifier: 4 bytes]
[Chunk Number: 2 bytes] 
[Total Chunks: 2 bytes]
[Image Data: Up to ~2900 bytes]

Why this works beautifully:

1. Order doesn't matter—scan chunks in any sequence
2. Partial recovery is possible—get most of the image even if some chunks are missing
3. Progressive rendering—display what you have as you scan

3.4 Real-World Example: The Restaurant Menu

Consider a restaurant menu encoded as QPI:

· QR Code 1: Header, restaurant info, first category (appetizers)
· QR Code 2: Second category (entrees)
· QR Code 3: Third category (desserts), contact info
· QR Code 4: High-resolution logo, digital signature

Printed on a table tent, customers can scan any QR to get partial info, or scan all four to get the complete digital menu. The restaurant can update by reprinting—no app updates, no server maintenance.

4. Trust and Verification: Beyond Simple Storage

4.1 The Trust Problem

If anyone can create a QPI image, how do we know it's legitimate? A counterfeiter could create a fake ticket QPI just as easily as a real one.

4.2 Introducing "Trust on First Scan" Integration

In a separate article, I explored the "Trust on First Scan" model—a system where the first scan of a physical code establishes a baseline of trust. QPI v2 can integrate this elegantly:

How it works:

1. Initial trusted scan connects to a verification server (online)
2. Server returns a cryptographic proof tied to that specific QPI
3. This proof is cached locally
4. Future scans can be verified offline against this cached proof

For QPI, this means:

[Standard QPI Image Data]
[Optional: Hash of image data]
[Optional: Cryptographic signature]
[Optional: "Trust Anchor" identifier]

The trust anchor could be:

· A public key distributed with the app
· A hash registered on a blockchain
· A certificate from a known authority

4.3 Practical Security Levels

Not every QPI needs NSA-level security. We define tiers:

Level 1: Integrity Only

· Contains SHA-256 hash of the image
· Ensures the image hasn't been altered since creation
· No authentication of source

Level 2: Source Authentication

· Contains digital signature
· Requires public key distribution
· Proves who created it

Level 3: Time-Bound Trust

· Includes timestamp and expiration
· Prevents replay of old versions
· Useful for tickets, certificates

Level 4: First-Scan Trust

· Integrates with Trust on First Scan model
· Initial online verification caches trust
· All future verifications work offline

4.4 The Beautiful Part: Backward Compatibility

The security data sits after the image data in the byte stream. A simple QPI v1 decoder will:

1. Read the image successfully
2. Ignore the extra bytes it doesn't understand
3. Display the image (without verification)

A QPI v2 decoder with security support will:

1. Read the image
2. Detect security footer
3. Perform verification
4. Show verification status to user

This means security can be added incrementally without breaking existing deployments.

5. Compression: Making Every Byte Count

5.1 The Reality of 3KB

When you only have 3,000 bytes to work with, every byte matters. A naive RGB image encoding wastes space. QPI v2 includes intelligent compression strategies:

5.2 Mode-Specific Optimization

For photographs (natural images):

· Convert to YCbCr color space
· Chroma subsampling (4:2:0)
· DEFLATE compression
· Result: ~60% smaller than naive RGB

For logos and graphics:

· Optimal palette selection (median cut algorithm)
· Run-length encoding for large flat areas
· Result: Often 80-90% smaller than RGB

For text and diagrams:

· Convert to 1-bit black and white
· Use specialized compression (CCITT Group 4)
· Result: A full letter-sized page in ~5KB

5.3 Progressive Encoding: Graceful Degradation

Here's a clever trick: encode multiple quality levels in the same data:

[Header: 16 bytes]
[Thumbnail: 200 bytes - 32×32 grayscale]
[Medium quality: 800 bytes - adds detail]
[Full quality: remaining bytes]

If you only scan one QR, you get the thumbnail. Scan more, quality improves. This is perfect for:

· Museum exhibits (quick scan for basic info, full scan for details)
· Product labels (basic info visible immediately, specs with full scan)
· Emergency information (critical info first, details if available)

6. Error Resilience: Expecting Real-World Conditions

6.1 QR Codes Are Surprisingly Robust

The Reed-Solomon error correction in QR codes is excellent—up to 30% of the code can be damaged and still read correctly. But QPI v2 adds additional layers:

6.2 Cross-Chunk Parity

Similar to RAID 5 for hard drives or PAR files for Usenet, we can add parity chunks:

Image Data: [Chunk 1] [Chunk 2] [Chunk 3]
Parity Data: [Parity 1] = Chunk 1 ⊕ Chunk 2
             [Parity 2] = Chunk 2 ⊕ Chunk 3

If any one chunk is missing, it can be reconstructed from the others. This means:

· Print the image chunks on the front of a document
· Print parity chunks on the back
· Even if part is damaged, full recovery is possible

6.3 Checksums at Multiple Levels

1. Byte-level: QR's built-in error correction
2. Chunk-level: CRC32 for each chunk
3. Image-level: SHA-256 for complete image
4. Optional: Error-correcting codes within the image data itself

7. The QPI v2 File Format: Complete Specification

7.1 Header (16 bytes - fixed)

Bytes 0-3:   Magic number "QPI2" (0x51 0x50 0x49 0x32)
Byte 4:      Version (0x02)
Byte 5:      Flags (bit field)
              Bit 0: Compression enabled
              Bit 1: Security footer present
              Bit 2: Multi-chunk mode
              Bit 3: Progressive encoding
              Bit 4: Palette optimized
              Bits 5-7: Reserved
Bytes 6-7:   Image width (big-endian)
Bytes 8-9:   Image height (big-endian)
Bytes 10-11: Total chunks (1 = single QR)
Bytes 12-13: This chunk index (0-based)
Bytes 14-15: Payload length (bytes in this chunk)

7.2 Color Mode Byte

0x00: Reserved
0x01: Grayscale (8-bit)
0x02: RGB (24-bit)
0x03: Indexed-16 (4-bit palette)
0x04: Indexed-256 (8-bit palette)
0x05: Black/White (1-bit)
0x06: YCbCr 4:2:0 (12-bit effective)
0x07-0xFF: Reserved

7.3 Palette Section (if indexed modes)

Immediately follows color mode byte:

· Each palette entry: 3 bytes (R, G, B)
· Indexed-16: 48 bytes total
· Indexed-256: 768 bytes total

7.4 Compression Header (if compression enabled)

Byte 0: Compression type
          0x01: DEFLATE (zlib compatible)
          0x02: QPI-RLE (simple run-length)
          0x03: CCITT G4 (for 1-bit images)
Bytes 1-2: Uncompressed size (big-endian)

7.5 Image Data

· Stored row by row, left to right
· Format depends on color mode
· May be compressed

7.6 Security Footer (if enabled)

Byte 0: Security type
          0x01: SHA-256 only
          0x02: ECDSA signature (64 bytes)
          0x03: Timestamp + signature (72 bytes)
          0x04: Trust anchor reference
Bytes 1-2: Security data length
Bytes 3+:  Security data

8. Implementation: Making It Real

8.1 Decoder Flow

Camera → QR Detection → Byte Extraction → 
Is QPI? → Yes → Parse Header → 
Multi-chunk? → Wait for/assemble chunks → 
Decompress → Verify Security → 
Render Image + Verification Status

8.2 Performance Considerations

On modern smartphones:

· Single QPI decode: < 100ms
· Multi-chunk assembly (4 chunks): ~300ms
· Security verification: < 50ms
· Total user experience: Feels instantaneous

Memory usage:

· Decoding a 48KB image (16 chunks): < 2MB RAM
· Suitable for even low-end devices

9. Killer Applications: Why This Matters

9.1 Self-Verifying Physical Documents

Imagine a university diploma that contains:

· The official text
· The graduate's photo
· The registrar's digital signature
· A link to the online verification (optional)

All in a single scannable area. No separate barcode, no QR that points somewhere else—the credential is the data.

9.2 Tamper-Evident Packaging

Pharmaceutical companies could print QPI codes on medication packaging containing:

· Legitimate product photo
· Batch number and expiration
· Manufacturer's signature

Counterfeiters would need to replicate both the visible packaging and the digital signature—much harder than just copying the box design.

9.3 Disaster-Resilient Information

In areas with poor connectivity:

· Emergency procedures
· Maps of evacuation routes
· Contact information for aid organizations

Printed on walls, distributed on cards. Always available, always verifiable, never dependent on servers.

9.4 Digital-Physical Artifacts

An artist creates a digital piece, then prints it as QPI. The print contains:

· The artwork itself (as thumbnail or full-res if multi-QR)
· Artist's statement
· Certificate of authenticity
· Link to NFT or digital original

The physical print becomes a first-class digital object, not just a reproduction.

10. Challenges and Limitations

Let's be transparent about the trade-offs:

1. Capacity is still finite
   Even with chunking,we're talking kilobytes, not megabytes. QPI won't replace JPEG for family photos. It's for purpose-sized images.

2. Scanner compatibility
   While any QR scanner can read the bytes,only QPI-aware software will interpret them as images. This requires app installation.

3. Print quality matters
   Low-resolution printers,poor contrast, or reflective surfaces can reduce scanning reliability.

4. Security is only as good as key management
   If private keys are compromised,the verification breaks. This isn't unique to QPI—it's true of all digital signatures.

11. The Future: Where Could This Go?

QPI v3 might explore:

· Color QR integration: Using colored modules for higher density (once color QR standards mature)
· Animated QPI: Scanning multiple codes in sequence creates animation
· Interactive QPI: Codes that change based on context or user interaction
· 3D QPI: Using paper texture or special inks for additional data layers

But here's the exciting part: QPI v2 is implementable today with existing technology. No new hardware, no standards committee approval (though that would be nice), just clever use of what we already have.

12. Conclusion: A New Relationship with Physical Data

QPI began with a simple but radical idea: QR codes can be destinations, not just directions. QPI v2 builds on that foundation to create something genuinely useful: a way to store and verify data in the physical world with digital precision.

The implications are profound. We're talking about:

· Democratizing data storage—anyone with a printer can create permanent, verifiable data
· Bridging digital and physical—creating objects that live in both worlds seamlessly
· Enabling offline trust—verification without connectivity

Most importantly, QPI respects the constraints of its medium. It doesn't try to turn QR codes into something they're not. Instead, it discovers what they could be with careful design and a bit of creativity.

This is more than a technical specification—it's an invitation. An invitation to reimagine how data can live in the physical world. To create artifacts that are both human-readable and machine-verifiable. To build systems that work even when the network doesn't.

The code is waiting to be written. The applications are waiting to be built. The future of physical data starts with a simple scan.

---

For queries and recommendations : coltenjacob2008@gmail.com

Related Article (QPI v1) : https://dev.to/colten_jacob_10ec3150930b/qpi-qr-pixel-imaging-4el7

Related Article (TOFS Model) : https://dev.to/colten_jacob_10ec3150930b/making-qr-codes-safe-by-design-a-trust-on-first-scan-model-tofsa-8-46i4