WAVES is a benchmark for assessing the robustness of image watermarks, addressing the limitations of current evaluation methods. It integrates detection and identification tasks and establishes a standardized evaluation protocol with a diverse range of stress tests, including traditional image distortions and advanced adversarial attacks. The benchmark evaluates two key dimensions: the degree of image quality degradation and the effectiveness of watermark detection after attacks. WAVES reveals previously undetected vulnerabilities in modern watermarking algorithms and provides a comprehensive toolkit for future robust watermark development. The benchmark includes a wide range of attacks, such as distortion, regeneration, and adversarial attacks, and evaluates watermark robustness using performance vs. quality 2D plots. It also introduces a normalized quality metric to assess image degradation and attack effectiveness. WAVES evaluates three prominent watermarking algorithms—Stable Signature, Tree-Ring, and StegaStamp—revealing their vulnerabilities to different types of attacks. For example, Tree-Ring is particularly vulnerable to adversarial attacks, while Stable Signature is susceptible to regeneration attacks. WAVES provides a standardized framework for benchmarking watermark robustness and attack potency, enabling a comprehensive analysis of various watermarks. It highlights the importance of diverse and watermark-tailored defensive strategies due to the significant variation in attack effectiveness across different watermarking methods. The benchmark also emphasizes the risks of using publicly available VAEs in watermarked diffusion models, as they can be easily compromised by adversarial attacks. The results show that different watermarking methods have different vulnerabilities. Tree-Ring is more vulnerable to adversarial attacks, which generally cause less quality degradation, while Stable Signature is susceptible to most regeneration attacks. StegaStamp, on the other hand, is robust against these attacks but may introduce artifacts. The benchmark also highlights the need for improved watermarking strategies, including the use of more transformations in training and the development of more accurate DDIM inversion techniques. WAVES contributes to the understanding of watermark vulnerabilities and provides a benchmark for evaluating and enhancing watermark strength. It underscores the importance of robust watermarking in protecting creative ownership and preventing the misrepresentation of AI-generated content as real. The benchmark sets a standard for evaluating and improving watermarking techniques, supporting the development of more secure and effective digital watermarking technologies.WAVES is a benchmark for assessing the robustness of image watermarks, addressing the limitations of current evaluation methods. It integrates detection and identification tasks and establishes a standardized evaluation protocol with a diverse range of stress tests, including traditional image distortions and advanced adversarial attacks. The benchmark evaluates two key dimensions: the degree of image quality degradation and the effectiveness of watermark detection after attacks. WAVES reveals previously undetected vulnerabilities in modern watermarking algorithms and provides a comprehensive toolkit for future robust watermark development. The benchmark includes a wide range of attacks, such as distortion, regeneration, and adversarial attacks, and evaluates watermark robustness using performance vs. quality 2D plots. It also introduces a normalized quality metric to assess image degradation and attack effectiveness. WAVES evaluates three prominent watermarking algorithms—Stable Signature, Tree-Ring, and StegaStamp—revealing their vulnerabilities to different types of attacks. For example, Tree-Ring is particularly vulnerable to adversarial attacks, while Stable Signature is susceptible to regeneration attacks. WAVES provides a standardized framework for benchmarking watermark robustness and attack potency, enabling a comprehensive analysis of various watermarks. It highlights the importance of diverse and watermark-tailored defensive strategies due to the significant variation in attack effectiveness across different watermarking methods. The benchmark also emphasizes the risks of using publicly available VAEs in watermarked diffusion models, as they can be easily compromised by adversarial attacks. The results show that different watermarking methods have different vulnerabilities. Tree-Ring is more vulnerable to adversarial attacks, which generally cause less quality degradation, while Stable Signature is susceptible to most regeneration attacks. StegaStamp, on the other hand, is robust against these attacks but may introduce artifacts. The benchmark also highlights the need for improved watermarking strategies, including the use of more transformations in training and the development of more accurate DDIM inversion techniques. WAVES contributes to the understanding of watermark vulnerabilities and provides a benchmark for evaluating and enhancing watermark strength. It underscores the importance of robust watermarking in protecting creative ownership and preventing the misrepresentation of AI-generated content as real. The benchmark sets a standard for evaluating and improving watermarking techniques, supporting the development of more secure and effective digital watermarking technologies.