alee/fieldwitness
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
FieldWitness -- an attestation and chain of custody toolkit.
11 Commits 1 Branch 2 Tags 39 MiB
Python 79.4%
HTML 16%
JavaScript 4.1%
Dockerfile 0.2%
Shell 0.2%
51c9b0a99a
Go to file
Aaron D. Lee 51c9b0a99a Fix 14 bugs and add features from power-user security audit 
Critical fixes:
- Fix admin_delete_user missing current_user_id argument (TypeError on every delete)
- Fix self-signed cert OOM: bytes(2130706433) → IPv4Address("127.0.0.1")
- Add @login_required to attestation routes (attest, log); verify stays public
- Add auth guards to fieldkit (@admin_required on killswitch) and keys blueprints
- Fix cleanup_temp_files NameError in generate() route

Security hardening:
- Unify temp storage to ~/.soosef/temp/ so killswitch purge covers web uploads
- Replace Path.unlink() with secure deletion (shred fallback) in temp_storage
- Add structured audit log (audit.jsonl) for admin, key, and killswitch actions

New features:
- Dead man's switch background enforcement thread in serve + check-deadman CLI
- Key rotation: soosef keys rotate-identity/rotate-channel with archiving
- Batch attestation: soosef attest batch <dir> with progress and error handling
- Geofence CLI: set/check/clear commands with config persistence
- USB CLI: snapshot/check commands against device whitelist
- Verification receipt download (/verify/receipt JSON endpoint + UI button)
- IdentityInfo.created_at populated from sidecar meta.json (mtime fallback)

Data layer:
- ChainStore.get() now O(1) via byte-offset index built during state rebuild
- Add federation module (chain, models, serialization, entropy)

Includes 45+ new tests across chain, deadman, key rotation, killswitch, and
serialization modules.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-01 17:06:33 -04:00
docker Fix Docker healthcheck hanging gunicorn workers 2026-03-31 19:46:04 -04:00
frontends Fix 14 bugs and add features from power-user security audit 2026-04-01 17:06:33 -04:00
src/soosef Fix 14 bugs and add features from power-user security audit 2026-04-01 17:06:33 -04:00
tests Fix 14 bugs and add features from power-user security audit 2026-04-01 17:06:33 -04:00
.gitignore Add vendor assets, fix CLI imports, make web UI bootable 2026-03-31 14:48:18 -04:00
CLAUDE.md Initial repo skeleton with pyproject.toml and project guide 2026-03-31 14:21:30 -04:00
pyproject.toml Fix 14 bugs and add features from power-user security audit 2026-04-01 17:06:33 -04:00
README.md Add vendor assets, fix CLI imports, make web UI bootable 2026-03-31 14:48:18 -04:00

README.md

SooSeF — Soo Security Fieldkit

Offline-first security toolkit for journalists, NGOs, and at-risk organizations.

Part of the Soo Suite:

  • Stegasoo — hide encrypted messages in media (steganography)
  • Verisoo — prove image provenance and authenticity (attestation)
  • SooSeF — unified fieldkit with killswitch, dead man's switch, and key management

Status

Pre-alpha. Phase 1 scaffolding complete.

Install (development)

pip install -e /path/to/stegasoo[web,dct,audio,cli]
pip install -e /path/to/verisoo[cli]
pip install -e ".[web,cli]"

Quick Start

soosef init      # Generate identity + channel key, create ~/.soosef/
soosef serve     # Start the web UI