alee/fieldwitness
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Release v0.3.0: Rebrand to FieldWitness + C2PA bridge + GPL-3.0
Some checks failed
CI / lint (push) Failing after 11s
Details
CI / typecheck (push) Failing after 13s
Details

Browse Source 
Major release marking the transition from SooSeF to FieldWitness.

Highlights:
- Full rebrand: soosef → fieldwitness, stegasoo → stego, verisoo → attest
- Data directory: ~/.soosef/ → ~/.fwmetadata/ (innocuous name for field safety)
- License: MIT → GPL-3.0
- C2PA bridge module (Phase 0-2): X.509 cert management, export path with
  vendor assertions (org.fieldwitness.perceptual-hashes, chain-record,
  attestation-id), GPS downsampling for privacy
- README repositioned: provenance/federation first, steganography backgrounded
- Threat model skeleton (docs/security/threat-model.md)
- Planning docs: C2PA integration, GTM feasibility, packaging strategy,
  "Why FieldWitness Exists" narrative for non-technical audiences

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Aaron D. Lee 2026-04-02 18:26:56 -04:00
parent 4a471ee31a
commit e4f68fc83a
6 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CLAUDE.md
View File

@ -8,7 +8,7 @@ with Merkle consistency proofs, and produces court-ready evidence packages with
verification. Steganography (Stego) and provenance attestation (Attest) are included verification. Steganography (Stego) and provenance attestation (Attest) are included
as subpackages in this monorepo. as subpackages in this monorepo.
Version 0.2.0 · Python >=3.11 · GPL-3.0 License Version 0.3.0 · Python >=3.11 · GPL-3.0 License
## Quick commands ## Quick commands
@ -31,7 +31,7 @@ mypy src/ # Type check
``` ```
src/fieldwitness/ Core library src/fieldwitness/ Core library
__init__.py Package init, __version__ (0.2.0) __init__.py Package init, __version__ (0.3.0)
_availability.py Runtime checks for optional subpackages (has_stego, has_attest) _availability.py Runtime checks for optional subpackages (has_stego, has_attest)
api.py Optional unified FastAPI app (uvicorn fieldwitness.api:app) api.py Optional unified FastAPI app (uvicorn fieldwitness.api:app)
audit.py Append-only JSON-lines audit log (~/.fwmetadata/audit.jsonl) audit.py Append-only JSON-lines audit log (~/.fwmetadata/audit.jsonl)

4
README.md
View File

@ -3,7 +3,7 @@
**Offline-first provenance attestation with gossip federation for journalists, NGOs, and at-risk organizations.** **Offline-first provenance attestation with gossip federation for journalists, NGOs, and at-risk organizations.**
<!-- badges --> <!-- badges -->
![Version](https://img.shields.io/badge/version-0.2.0-blue) ![Version](https://img.shields.io/badge/version-0.3.0-blue)
![Python](https://img.shields.io/badge/python-%3E%3D3.11-blue) ![Python](https://img.shields.io/badge/python-%3E%3D3.11-blue)
![License](https://img.shields.io/badge/license-GPL--3.0-blue) ![License](https://img.shields.io/badge/license-GPL--3.0-blue)
@ -680,7 +680,7 @@ The web UI exposes a `/health` endpoint that reports installed capabilities:
```json ```json
{ {
"status": "ok", "status": "ok",
"version": "0.2.0", "version": "0.3.0",
"capabilities": ["stego-lsb", "stego-dct", "attest", "fieldkit", "chain"] "capabilities": ["stego-lsb", "stego-dct", "attest", "fieldkit", "chain"]
} }
``` ```

4
docs/security/threat-model.md
View File

@ -4,7 +4,7 @@
identifies gaps. Version numbers track significant revisions. identifies gaps. Version numbers track significant revisions.
**Document version:** 0.1 (2026-04-01) **Document version:** 0.1 (2026-04-01)
**Corresponds to:** FieldWitness v0.2.0 **Corresponds to:** FieldWitness v0.3.0
This document follows the style of the Signal Protocol specification and the Tor design This document follows the style of the Signal Protocol specification and the Tor design
document: it makes precise claims, distinguishes what is guaranteed from what is not, and document: it makes precise claims, distinguishes what is guaranteed from what is not, and
@ -90,7 +90,7 @@ cannot forge a valid signature without the private key. The append-only hash cha
retroactive injection detectable: inserting a record at position N requires recomputing all retroactive injection detectable: inserting a record at position N requires recomputing all
subsequent hashes. Consistency proofs during gossip sync detect log divergence. subsequent hashes. Consistency proofs during gossip sync detect log divergence.
**Gap:** Certificate pinning for federation peers is not implemented as of v0.2.0. The **Gap:** Certificate pinning for federation peers is not implemented as of v0.3.0. The
Tier 3 relay uses a self-signed certificate; operators should verify its fingerprint Tier 3 relay uses a self-signed certificate; operators should verify its fingerprint
out-of-band. Gossip peers authenticate by Ed25519 fingerprint, not certificate, which out-of-band. Gossip peers authenticate by Ed25519 fingerprint, not certificate, which
provides a secondary check. provides a secondary check.

2
pyproject.toml
View File

@ -4,7 +4,7 @@ build-backend = "hatchling.build"
[project] [project]
name = "fieldwitness" name = "fieldwitness"
version = "0.2.0" version = "0.3.0"
description = "FieldWitness — offline-first security toolkit for journalists, NGOs, and at-risk organizations" description = "FieldWitness — offline-first security toolkit for journalists, NGOs, and at-risk organizations"
readme = "README.md" readme = "README.md"
license = "GPL-3.0-only" license = "GPL-3.0-only"

2
src/fieldwitness/__init__.py
View File

@ -11,4 +11,4 @@ Part of the Soo Suite:
- FieldWitness: unified fieldkit with killswitch, dead man's switch, and key management - FieldWitness: unified fieldkit with killswitch, dead man's switch, and key management
""" """
__version__ = "0.2.0" __version__ = "0.3.0"

2
src/fieldwitness/archive.py
View File

@ -165,7 +165,7 @@ To verify this archive without FieldWitness:
manifest = { manifest = {
"archive_version": "1", "archive_version": "1",
"created_at": ts.isoformat(), "created_at": ts.isoformat(),
"fieldwitness_version": "0.2.0", "fieldwitness_version": "0.3.0",
"contents": contents, "contents": contents,
"file_count": len(contents), "file_count": len(contents),
"content_hashes": {}, "content_hashes": {},