darkwallet / darkleaks Goto Github PK

Decentralised Information Black Market

Makefile 5.09% Python 30.52% Shell 0.29% C++ 60.54% C 3.55%

darkleaks's Introduction

Darkwallet

We love Bitcoin, and the power it gives for trade and social connections. There is so much untapped power in Bitcoin. You know the saying "we only use 10% of our brain's power"? We probably use less than 1% of what is possible with Bitcoin!

We want to start with a simple premise: Bitcoin in your browser. We want a beautiful experience with privacy features built in by default.

This wallet will serve as a platform or a starting codebase to deliver a high quality Bitcoin that serves the people.

Running

You can load the extension into Chrome by going to Extensions, enabling Development mode and clicking the Load uncompressed extension button.

Alpha!!!

We're still in alpha state, that means we're still changing things a lot and it's not safe at all to use the wallet. More information at: https://wiki.unsystem.net/index.php/DarkWallet/Alpha

You are very welcome to test, just remember the following:

Write down your seed and be always ready to use it to restore the identity.
First thing you should do is get familiar with creating and restoring an identity.
You can do: "create new identity", choose same name as before and restore, this will upgrade your store (you will still need to re add pockets and addresses, contacts etc...)
If you notice strange behaviour after upgrading, you should:
1. Restart the background process from darkwallet (from "manage extensions")
2. If that doesn't work: Clear Darkwallet storage, (from darkwallet settings), restart chromium

We have been following this procedure since the wallet is under development without problems.

Remember: Your funds are safe as long as you don't lose your seed to restore later.

Other than that we're not making many guarantees.

Development

You are welcome to participate in the development by contributing or forking the code at:

https://github.com/darkwallet/darkwallet

More info about how to develop on the HACKING.md document.

Other useful documents are: HD Structure, How to Help and Debugging

Translations

Changes to translations as well as new translations can be submitted to Darkwallet's Transifex page.

Translations are periodically pulled from Transifex and merged into the git repository.

Important: We do not accept translation changes as GitHub pull requests because the next pull from Transifex would automatically overwrite them again.

Contact

Use the following resources for communication with "the team"

Mailing list
IRC: #darkwallet (freenode)
Forum
Wiki

License

See the license here

Support Us!

Support our development efforts by donating to the darkwallet multisig:

31oSGBBNrpCiENH3XMZpiP6GTC4tad4bMy

I went to the store the other day to buy a bolt for our front door, for as I told the storekeeper, the governor was coming here. "Aye," said he, "and the Legislature too." "Then I will take two bolts," said I. He said that there had been a steady demand for bolts and locks of late, for our protectors were coming.

-- Henry David Thoreau

Darkwallet Team

darkleaks's People

Contributors

Stargazers

Watchers

darkleaks's Issues

License missing

I recommend LAGPL, same as libbitcoin.

Ping @genjix

Incentive to spend the Bitcoins / reveal the public key in time

I like the idea, but I see one problem:

The leaker can keep the documents (and the Bitcoin) in hostage until the documents are worthless (he'll still get the Bitcoins).
I can't force him to spend the Bitcoins on that address / reveal his public key.

Do you have a solution for this?

Distro Request

Hi, I'm a packager for the ArchAssault Project (https://github.com/ArchAssault-Project), and they would like to distribute your script in their distro. Can you please provide a license file as well as give permission to distribute? Thanks.

Double spend attack possible

Once the leaker reveals the public key, the chunks can be decrypted. Since the private key for the bitcoin addresses aro the hashes of the unencrypted chunks, anyone with the unencrypted chunks has the private key for the bitcoin addresses. If this is done fast enough, the transaction that the leaker sends to redeem the funds can be double spent (e.g. with a higher fee).

OS X compatibility

Getting this if I invoke make:

c++ -fPIC -std=c++11 -pthread -I/usr/local/include  -I lib/   -c -o lib/prove.o lib/prove.cpp
lib/prove.cpp:64:10: error: no member named 'seed_seq' in namespace 'std'
    std::seed_seq seq(block_hash.rbegin(), block_hash.rend());
    ~~~~~^
lib/prove.cpp:66:5: error: use of undeclared identifier 'seq'
    seq.generate(random_values.begin(), random_values.end());
    ^
2 errors generated.
make: *** [lib/prove.o] Error 1

Missing #include <random>?

Or this:

c++ -shared -Wl,-soname,_darkleaks.so python/darkleaks/darkleaks.o lib/darkleaks.a -lpython2.7 -lboost_python `pkg-config --libs libbitcoin` -lboost_thread -o python/darkleaks/_darkleaks.so
ld: unknown option: -soname
clang: error: linker command failed with exit code 1 (use -v to see invocation)
make: *** [python/darkleaks/_darkleaks.so] Error 1

Conditions:

c++ --version
Apple LLVM version 6.0 (clang-600.0.56) (based on LLVM 3.5svn)
Target: x86_64-apple-darwin14.1.0
Thread model: posix

uname -rs
Darwin 14.1.0

how to use

hello team,first of all thank you for this great tool
and the issue is i totally misunderstood it how to use.
i have rightly done every installation step.
now when i put command
$ .gui-start.sh
then this screen comes up to me
http://gyazo.com/d7d7adecdb27ecd17019e13611371dee

i didnt have much knowledge about those chunk n all though i went ahead with filling all info
then i took me here
http://gyazo.com/0bd82998aaee9220784793eb4e69db41

please tell me some things :
suppose if i am possessing credit card details of someone then how can i sell there, and who will decide the price, and in which format should it be in the text file.

suppose if i am a buyer then where i can look what people are selling
and please tell me also about chunk and to reveal them
thanx in advance

Tiling and progressive compression for leaking images

Tiled printing an image before encrypting for use with darkleaks is a good idea. This could easily be done now by using photoshop.

Another idea to use progressive compression. To recap the "Progressive JPEG" format, is where data is compressed in multiple passes of progressively higher detail. This is ideal for large images that will be displayed while downloading over a slow connection, allowing a reasonable preview after receiving only a portion of the data.
Originally used to improve user experience when web browsing on slow connections, progressive compression could be useful for darkleaks. The different levels of image detail are separately encrypted and unlocked. Paying more money grants you access to more detail. Paying for only the lowest detail level allows the buyers to get an idea of what they're paying for.

Obviously the idea can easily be extended for video and audio, at least for music. For audio involving speech, progressive compression may not matter much. Evidence of a war crimes plot is understandable whatever the bitrate of recording, it doesn't need to be studio-level quality. Presumably in that situation the leaker will release a written transcript along with the audio file.

Pointless hashing of public key

I have a question about the following step:

We hash the public key to get a secret.
The chunk is encrypted using the secret with AES256.

What is the point of using a hash of the public key as the AES256 secret? Revealing the public key reveals the hash, correct? I read nothing about a salt.