Complete project rebrand for better positioning in the press freedom
and digital security space. FieldWitness communicates both field
deployment and evidence testimony — appropriate for the target audience
of journalists, NGOs, and human rights organizations.
Rename mapping:
- soosef → fieldwitness (package, CLI, all imports)
- soosef.stegasoo → fieldwitness.stego
- soosef.verisoo → fieldwitness.attest
- ~/.soosef/ → ~/.fwmetadata/ (innocuous data dir name)
- SOOSEF_DATA_DIR → FIELDWITNESS_DATA_DIR
- SoosefConfig → FieldWitnessConfig
- SoosefError → FieldWitnessError
Also includes:
- License switch from MIT to GPL-3.0
- C2PA bridge module (Phase 0-2 MVP): cert.py, export.py, vendor_assertions.py
- README repositioned to lead with provenance/federation, stego backgrounded
- Threat model skeleton at docs/security/threat-model.md
- Planning docs: docs/planning/c2pa-integration.md, docs/planning/gtm-feasibility.md
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
CRITICAL:
- #1+#2: Consistency proof verification no longer a stub — implements
actual hash chain reconstruction from proof hashes, rejects proofs
that don't reconstruct to the expected root. GossipNode._verify_consistency
now calls verify_consistency_proof() instead of just checking sizes.
- #3: Remove passphrase.lower() from KDF — was silently discarding
case entropy from mixed-case passphrases. Passphrases are now
case-sensitive as users would expect.
- #4: Federation gossip now applies record_filter (trust store check)
on every received record before appending to the log. Untrusted
attestor fingerprints are rejected with a warning.
- #5: Killswitch disables all logging BEFORE activation to prevent
audit log from recording killswitch activity that could survive an
interrupted purge. Audit log destruction moved to position 4 (right
after keys + flask secret, before other data).
HIGH:
- #6: CSRF exemption narrowed from entire dropbox blueprint to only
the upload view function. Admin routes retain CSRF protection.
- #7: /health endpoint returns only {"status":"ok"} to anonymous
callers. Full operational report requires authentication.
- #8: Metadata stripping now reconstructs image from pixel data only
(Image.new + putdata), stripping XMP, IPTC, and ICC profiles — not
just EXIF.
- #9: Same as #6 (CSRF scope fix).
MEDIUM:
- #11: Receipt HMAC key changed from public upload token to server-side
secret key, making valid receipts unforgeable by the source or anyone
who captured the upload URL.
- #12: Docker CMD no longer defaults to --no-https. HTTPS with
self-signed cert is the default; --no-https requires explicit opt-in.
- #14: shred return code now checked — non-zero exit falls through to
the zero-overwrite fallback instead of silently succeeding.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Platform pivot from Raspberry Pi to three-tier model:
- Tier 1: Bootable Debian Live USB for field reporters
- Tier 2: Docker/K8s org server for newsrooms
- Tier 3: Docker/K8s federation relay for VPS
Tier 1 — Live USB (deploy/live-usb/):
- build.sh: live-build based image builder for amd64
- Package list: Python + system deps + minimal GUI (openbox + Firefox)
- Install hook: creates venv, pip installs soosef[web,cli,attest,...]
- Hardening hook: disable swap/coredumps, UFW, auto-login to web UI
- systemd service with security hardening (NoNewPrivileges, ProtectSystem)
- Auto-opens Firefox kiosk to http://127.0.0.1:5000 on boot
Tier 2+3 — Docker (deploy/docker/):
- Multi-stage Dockerfile with two targets:
- server: full web UI + stego + attestation + federation (Tier 2)
- relay: lightweight FastAPI attestation API only (Tier 3)
- docker-compose.yml with both services and persistent volumes
- .dockerignore for clean builds
Kubernetes (deploy/kubernetes/):
- namespace.yaml, server-deployment.yaml, relay-deployment.yaml
- PVCs, services, health checks, resource limits
- Single-writer strategy (Recreate, not RollingUpdate) for SQLite safety
- README with architecture diagram and deployment instructions
Config presets (deploy/config-presets/):
- low-threat.json: press freedom country (no killswitch, 30min sessions)
- medium-threat.json: restricted press (48h deadman, USB monitoring)
- high-threat.json: conflict zone (12h deadman, tamper monitoring, 5min sessions)
- critical-threat.json: targeted surveillance (127.0.0.1 only, 6h deadman, 3min sessions)
Deployment guide rewritten for three-tier model with RPi as legacy appendix.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Bottleneck 1: ImageHashes generalization
- phash and dhash now default to "" (optional), enabling attestation
of CSV datasets, sensor logs, documents, and any non-image file
- Added ImageHashes.from_file() for arbitrary file attestation
(SHA-256 only, no perceptual hashes)
- Added ImageHashes.is_image property to check if perceptual matching
is meaningful
- Added content_type field to AttestationRecord ("image", "document",
"data", "audio", "video") — backward compatible, defaults to "image"
- from_dict() now tolerates missing phash/dhash fields
Bottleneck 2: Lazy path resolution
- Converted 5 modules from eager top-level path imports to lazy
access via `import soosef.paths as _paths`:
config.py, deadman.py, usb_monitor.py, tamper.py, anchors.py
- Paths now resolve at use-time, not import-time, so --data-dir
and SOOSEF_DATA_DIR overrides propagate correctly to all modules
- Enables portable mode (run entirely from USB stick)
- Updated deadman enforcement tests for new path access pattern
Bottleneck 3: Delivery acknowledgment chain records
- New CONTENT_TYPE_DELIVERY_ACK = "soosef/delivery-ack-v1"
- ChainStore.append_delivery_ack() records bundle receipt with
sender fingerprint and record count
- import_attestation_bundle() auto-generates ack when chain store
and private key are provided
- Enables two-way federation handshakes (art provenance, legal
chain of custody, multi-org evidence exchange)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
1. Client-side SHA-256 in drop box: browser computes and displays
file fingerprints via SubtleCrypto before upload. Receipt codes
are HMAC-derived from file hash so source can verify
correspondence. Source sees hash before submitting.
2. Drop box token persistence: replaced in-memory dict with SQLite
(dropbox.db). Tokens and receipts survive server restarts.
Receipt verification now returns filename, SHA-256, and timestamp.
3. RFC 3161 trusted timestamps + manual anchors: new
federation/anchors.py with get_chain_head_anchor(),
submit_rfc3161(), save_anchor(), and manual export format.
CLI: `soosef chain anchor [--tsa URL]`. A single anchor
implicitly timestamps every preceding chain record.
4. Derived work lineage: attestation metadata supports
derived_from (parent record ID) and derivation_type
(crop, redact, brightness, etc.) for tracking edits
through the chain of custody.
5. Self-contained evidence package: new soosef.evidence module
with export_evidence_package() producing a ZIP with images,
attestation records, chain data, public key, standalone
verify.py script, and README.
6. Cold archive export: new soosef.archive module with
export_cold_archive() bundling chain.bin, verisoo log,
LMDB index, keys, anchors, trusted keys, ALGORITHMS.txt
documenting all crypto, and verification instructions.
Designed for OAIS (ISO 14721) alignment.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Resolves the tension between steganography (strip everything to
protect sources) and attestation (preserve evidence of provenance):
- New soosef.metadata module with extract_and_classify() and
extract_strip_pipeline() — classifies EXIF fields as evidentiary
(GPS, timestamp — valuable for proving provenance) vs dangerous
(device serial, firmware — could identify the source)
- Drop box now uses extract-then-strip: attests ORIGINAL bytes (hash
matches what source submitted), extracts evidentiary EXIF into
attestation metadata, strips dangerous fields, stores clean copy
- Attest route gains strip_device option: when enabled, includes
GPS/timestamp in attestation but excludes device serial/firmware
- Stego encode unchanged: still strips all metadata from carriers
(correct for steganography threat model)
The key insight: for stego, the carrier is a vessel (strip everything).
For attestation, EXIF is the evidence (extract, classify, preserve
selectively). Both hashes (original + stripped) are recorded so the
relationship between raw submission and stored copy is provable.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
1. Source drop box: token-gated anonymous upload with auto-attestation,
EXIF stripping, receipt codes, and self-destructing URLs. New
/dropbox blueprint with admin panel for token management. CSRF
exempted for source-facing upload routes.
2. Investigation namespaces: attestation records tagged with
investigation label via metadata. Log view filters by investigation
with dropdown. Supports long-running multi-story workflows.
3. Scale fixes: replaced O(n) full-scan perceptual hash search with
LMDB find_similar_images() index lookup. Added incremental chain
verification (verify_incremental) with last_verified_index
checkpoint in ChainState.
4. Deep forensic purge: killswitch now scrubs __pycache__, pip
dist-info, pip cache, and shell history entries containing 'soosef'.
Runs before package uninstall for maximum trace removal.
5. Cross-org federation: new federation/exchange.py with
export_attestation_bundle() and import_attestation_bundle().
Bundles are self-authenticating JSON with investigation filter.
Import validates against trust store fingerprints.
6. Wrong-key diagnostics: enhanced decrypt error messages include
current channel key fingerprint hint. New carrier_tracker.py
tracks carrier SHA-256 hashes and warns on reuse (statistical
analysis risk).
7. Selective disclosure: ChainStore.selective_disclosure() produces
proof bundles with full selected records + hash-only redacted
records + complete hash chain for linkage verification. New
`soosef chain disclose -i 0,5,10 -o proof.json` CLI command
for court-ordered evidence production.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
1. Transport-aware stego encoding: --transport flag (whatsapp/signal/
telegram/discord/email/direct) auto-selects DCT mode, pre-resizes
carrier to platform max dimension, prevents payload destruction
by messaging app recompression.
2. Standalone verification bundle: chain export ZIP now includes
verify_chain.py (zero-dep verification script) and README.txt
with instructions for courts and fact-checkers.
3. Channel-key-only export/import: export_channel_key() and
import_channel_key() with Argon2id encryption (64MB, lighter
than full bundle). channel_key_to_qr_data() for in-person
QR code exchange between collaborators.
4. Duress/cover mode: configurable SSL cert CN via cover_name
config (defaults to "localhost" instead of "SooSeF Local").
SOOSEF_DATA_DIR already supports directory renaming. Killswitch
PurgeScope.ALL now self-uninstalls the pip package.
5. Identity recovery from chain: find_signer_pubkey() searches chain
by fingerprint prefix. append_key_recovery() creates a recovery
record signed by new key with old fingerprint + cosigner list.
verify_chain() accepts recovery records.
6. Batch verification: /verify/batch web endpoint accepts multiple
files, returns per-file status (verified/unverified/error) with
exact vs perceptual match breakdown.
7. Chain position proof in receipt: verification receipts (now
schema v3) include chain_proof with chain_id, chain_index,
prev_hash, and record_hash for court admissibility.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The stego examples used nonexistent -i flags. Replace with actual
CLI syntax: positional CARRIER argument, -r/--reference for shared
photo, -m/--message for text, -f/--file for file payload. Add
comprehensive examples covering encode, decode, dry-run, DCT mode,
audio stego, credential generation, and channel key management.
Also fix attest examples to match actual CLI commands.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Unauthenticated endpoint that reports what's installed, what's
missing, and what's degraded — without exposing secrets or key
material. Reports:
- Module status (stegasoo, verisoo) with versions
- Optional capabilities: DCT, audio, video stego, LMDB, imagehash,
USB monitoring, GPIO — each with actionable install hints
- Key existence (identity, channel, trusted count, backup status)
- Fieldkit status (killswitch, deadman, chain enabled)
- System info (Python version, platform, available memory)
Overall status is "ok" when core modules + keys are present,
"degraded" otherwise. Memory reporting helps diagnose Argon2
OOM issues on constrained hardware (RPi).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The audit.jsonl file (containing usernames, actions, timestamps) was
not included in the PurgeScope.ALL destruction steps. An adversary
with filesystem access after a failed or partial purge could recover
operational evidence. Added destroy_audit_log step after temp files,
before config deletion.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Fix 3 missing CSRF tokens on admin user delete/reset and account
key delete forms (were broken — CSRFProtect rejected submissions)
- Fix trust store path traversal: untrust_key() now validates
fingerprint format ([0-9a-f]{32}) and checks resolved path
- Fix chain key rotation: old key is now revoked after rotation
record, preventing compromised old keys from appending records
- Fix SSRF in deadman webhook: block private/internal IP targets
- Fix logout CSRF: /logout is now POST-only with CSRF token,
preventing cross-site forced logout via img tags
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Critical:
- FR-01: Chain verification now supports key rotation via signed rotation
records (soosef/key-rotation-v1 content type). Old single-signer
invariant replaced with authorized-signers set.
- FR-02: Carrier images stripped of EXIF metadata by default before
steganographic encoding (strip_metadata=True). Prevents source
location/device leakage.
High priority:
- FR-03: Session timeout (default 15min) + secure cookie flags
(HttpOnly, SameSite=Strict, Secure when HTTPS)
- FR-04: CSRF protection via Flask-WTF on all POST forms. Killswitch
now requires password re-authentication.
- FR-05: Collaborator trust store — trust_key(), get_trusted_keys(),
resolve_attestor_name(), untrust_key() in KeystoreManager.
- FR-06: Production WSGI server (Waitress) by default, Flask dev
server only with --debug flag.
- FR-07: Dead man's switch sends warning during grace period via
local file + optional webhook before auto-purge.
Medium:
- FR-08: Geofence get_current_location() via gpsd for --here support.
- FR-09: Batch attestation endpoint (/attest/batch) with SHA-256
dedup and per-file status reporting.
- FR-10: Key backup tracking with last_backup_info() and
is_backup_overdue() + backup_reminder_days config.
- FR-11: Verification receipts signed with instance Ed25519 key
(schema_version bumped to 2).
- FR-12: Login rate limiting with configurable lockout (5 attempts,
15 min default).
Nice-to-have:
- FR-13: Unified `soosef status` pre-flight command showing identity,
channel key, deadman, geofence, chain, and backup status.
- FR-14: `soosef chain export` produces ZIP with JSON manifest,
public key, and raw chain.bin for legal discovery.
Tests: 157 passed, 1 skipped, 1 pre-existing flaky test.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Merge stegasoo (v4.3.0, steganography) and verisoo (v0.1.0, attestation)
as subpackages under soosef.stegasoo and soosef.verisoo. This eliminates
cross-repo coordination and enables atomic changes across the full stack.
- Copy stegasoo (34 modules) and verisoo (15 modules) into src/soosef/
- Convert all verisoo absolute imports to relative imports
- Rewire ~50 import sites across soosef code (cli, web, keystore, tests)
- Replace stegasoo/verisoo pip deps with inlined code + pip extras
(stego-dct, stego-audio, attest, web, api, cli, fieldkit, all, dev)
- Add _availability.py for runtime feature detection
- Add unified FastAPI mount point at soosef.api
- Copy and adapt tests from both repos (155 pass, 1 skip)
- Drop standalone CLI/web frontends; keep FastAPI as optional modules
- Both source repos tagged pre-monorepo-consolidation on GitHub
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
These packages aren't available from git.golfcards.club yet.
Lint and typecheck jobs still run.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Use type: ignore for cbor2/json Any returns in serialization/deadman
- Fix callable→Callable in killswitch.py and usb_monitor.py
- Add Ed25519PrivateKey assertion in CLI chain-wrap path
- Allow None for RotationResult fingerprints
- Annotate channel key as str in manager.py
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Reformat 8 files and add --target-version py312 to avoid
3.13 AST parsing issues with Python 3.12 container.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Container can't resolve internal gitea:3000 hostname.
Clone from public HTTPS URL instead.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
python:3.12-slim lacks node, so actions/checkout@v4 fails.
Use manual git clone with Gitea environment variables instead.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Replace actions/setup-python@v5 (skipped by act runner) with
python:3.12-slim container images so Python is available directly.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Templates referenced 'admin_user_new' (stegasoo convention) but the
soosef route is named 'admin_new_user'. Caused 500 error when clicking
"Add User" from admin panel.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The healthcheck tried HTTPS first (curl -fsk https://...) when HTTPS
was disabled. The TLS ClientHello to a plain HTTP listener hung the
sync worker indefinitely. With 2 workers, both got stuck, blocking
all real HTTP requests.
Fix: try HTTP first, add --max-time 3 to release quickly on failure.
Compose override uses HTTP-only to match HTTPS_ENABLED=false default.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Dockerfile: builds from Sources/ context, installs stegasoo + verisoo + soosef
- docker-compose.yml: single service with persistent volume at /root/.soosef
- entrypoint.sh: auto-init on first run, gunicorn with 2 workers
Build: cd soosef/docker && sudo docker compose build
Run: sudo docker compose up -d
Port 35811, HTTPS disabled by default (reverse proxy expected)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
New file stego_routes.py:
- register_stego_routes() mounts all encode/decode routes on the Flask app
- Async encode with ThreadPoolExecutor + progress polling
- Subprocess isolation for crash-safe stegasoo operations
- Image + audio encode/decode with full validation
- Encode result display with download
- Tools API routes (capacity, EXIF, rotate, compress, convert)
- About page with crypto documentation
Real templates (replacing stubs):
- encode.html (889 lines): full form with carrier upload, passphrase,
PIN, RSA key, embed mode selection, async progress bar
- decode.html (681 lines): decode form with credential inputs
- encode_result.html (242 lines): result display with download
- about.html (602 lines): security documentation
All routes verified working with auth flow.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Copy Bootstrap 5, Bootstrap Icons, and html5-qrcode from stegasoo
- Fix stegasoo CLI import (cli group, not main wrapper)
- Add .gitignore and README.md
- Verified: soosef init, soosef serve, all routes, key export/import all work
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
