fieldwitness

alee/fieldwitness

Fork 0

Commit Graph

Author	SHA1	Message	Date
Aaron D. Lee	490f9d4a1d	Rebrand SooSeF to FieldWitness Complete project rebrand for better positioning in the press freedom and digital security space. FieldWitness communicates both field deployment and evidence testimony — appropriate for the target audience of journalists, NGOs, and human rights organizations. Rename mapping: - soosef → fieldwitness (package, CLI, all imports) - soosef.stegasoo → fieldwitness.stego - soosef.verisoo → fieldwitness.attest - ~/.soosef/ → ~/.fwmetadata/ (innocuous data dir name) - SOOSEF_DATA_DIR → FIELDWITNESS_DATA_DIR - SoosefConfig → FieldWitnessConfig - SoosefError → FieldWitnessError Also includes: - License switch from MIT to GPL-3.0 - C2PA bridge module (Phase 0-2 MVP): cert.py, export.py, vendor_assertions.py - README repositioned to lead with provenance/federation, stego backgrounded - Threat model skeleton at docs/security/threat-model.md - Planning docs: docs/planning/c2pa-integration.md, docs/planning/gtm-feasibility.md Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-02 15:05:13 -04:00
Aaron D. Lee	0d8c94bf82	Fix 6 security issues from post-FR audit - Fix 3 missing CSRF tokens on admin user delete/reset and account key delete forms (were broken — CSRFProtect rejected submissions) - Fix trust store path traversal: untrust_key() now validates fingerprint format ([0-9a-f]{32}) and checks resolved path - Fix chain key rotation: old key is now revoked after rotation record, preventing compromised old keys from appending records - Fix SSRF in deadman webhook: block private/internal IP targets - Fix logout CSRF: /logout is now POST-only with CSRF token, preventing cross-site forced logout via img tags Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-01 19:44:15 -04:00
Aaron D. Lee	b8d4eb5933	Add core modules, web frontend, CLI, keystore, and fieldkit Core: - paths.py: centralized ~/.soosef/ path constants - config.py: JSON config loader with dataclass defaults - exceptions.py: SoosefError hierarchy - cli.py: unified Click CLI wrapping stegasoo + verisoo + native commands Keystore: - manager.py: unified key management (Ed25519 identity + channel keys) - models.py: IdentityInfo, KeystoreStatus dataclasses - export.py: encrypted key bundle export/import for USB transfer Fieldkit: - killswitch.py: ordered emergency data destruction (keys first) - deadman.py: dead man's switch with check-in timer - tamper.py: SHA-256 file integrity baseline + checking - usb_monitor.py: pyudev USB whitelist enforcement - geofence.py: haversine-based GPS boundary checking Web frontend (Flask app factory + blueprints): - app.py: create_app() factory with context processor - blueprints: stego, attest, fieldkit, keys, admin - templates: base.html (dark theme, unified nav), dashboard, all section pages - static: CSS, favicon Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-31 14:30:13 -04:00

Author

SHA1

Message

Date

Aaron D. Lee

490f9d4a1d

Rebrand SooSeF to FieldWitness

Complete project rebrand for better positioning in the press freedom
and digital security space. FieldWitness communicates both field
deployment and evidence testimony — appropriate for the target audience
of journalists, NGOs, and human rights organizations.

Rename mapping:
- soosef → fieldwitness (package, CLI, all imports)
- soosef.stegasoo → fieldwitness.stego
- soosef.verisoo → fieldwitness.attest
- ~/.soosef/ → ~/.fwmetadata/ (innocuous data dir name)
- SOOSEF_DATA_DIR → FIELDWITNESS_DATA_DIR
- SoosefConfig → FieldWitnessConfig
- SoosefError → FieldWitnessError

Also includes:
- License switch from MIT to GPL-3.0
- C2PA bridge module (Phase 0-2 MVP): cert.py, export.py, vendor_assertions.py
- README repositioned to lead with provenance/federation, stego backgrounded
- Threat model skeleton at docs/security/threat-model.md
- Planning docs: docs/planning/c2pa-integration.md, docs/planning/gtm-feasibility.md

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-04-02 15:05:13 -04:00

Aaron D. Lee

0d8c94bf82

Fix 6 security issues from post-FR audit

- Fix 3 missing CSRF tokens on admin user delete/reset and account
  key delete forms (were broken — CSRFProtect rejected submissions)
- Fix trust store path traversal: untrust_key() now validates
  fingerprint format ([0-9a-f]{32}) and checks resolved path
- Fix chain key rotation: old key is now revoked after rotation
  record, preventing compromised old keys from appending records
- Fix SSRF in deadman webhook: block private/internal IP targets
- Fix logout CSRF: /logout is now POST-only with CSRF token,
  preventing cross-site forced logout via img tags

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-04-01 19:44:15 -04:00

Aaron D. Lee

b8d4eb5933

Add core modules, web frontend, CLI, keystore, and fieldkit

Core:
- paths.py: centralized ~/.soosef/ path constants
- config.py: JSON config loader with dataclass defaults
- exceptions.py: SoosefError hierarchy
- cli.py: unified Click CLI wrapping stegasoo + verisoo + native commands

Keystore:
- manager.py: unified key management (Ed25519 identity + channel keys)
- models.py: IdentityInfo, KeystoreStatus dataclasses
- export.py: encrypted key bundle export/import for USB transfer

Fieldkit:
- killswitch.py: ordered emergency data destruction (keys first)
- deadman.py: dead man's switch with check-in timer
- tamper.py: SHA-256 file integrity baseline + checking
- usb_monitor.py: pyudev USB whitelist enforcement
- geofence.py: haversine-based GPS boundary checking

Web frontend (Flask app factory + blueprints):
- app.py: create_app() factory with context processor
- blueprints: stego, attest, fieldkit, keys, admin
- templates: base.html (dark theme, unified nav), dashboard, all section pages
- static: CSS, favicon

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-31 14:30:13 -04:00

3 Commits