darkwallet / darkleaks Goto Github PK

Getting this if I invoke make:

c++ -fPIC -std=c++11 -pthread -I/usr/local/include  -I lib/   -c -o lib/prove.o lib/prove.cpp
lib/prove.cpp:64:10: error: no member named 'seed_seq' in namespace 'std'
    std::seed_seq seq(block_hash.rbegin(), block_hash.rend());
    ~~~~~^
lib/prove.cpp:66:5: error: use of undeclared identifier 'seq'
    seq.generate(random_values.begin(), random_values.end());
    ^
2 errors generated.
make: *** [lib/prove.o] Error 1

Missing #include <random>?

Or this:

c++ -shared -Wl,-soname,_darkleaks.so python/darkleaks/darkleaks.o lib/darkleaks.a -lpython2.7 -lboost_python `pkg-config --libs libbitcoin` -lboost_thread -o python/darkleaks/_darkleaks.so
ld: unknown option: -soname
clang: error: linker command failed with exit code 1 (use -v to see invocation)
make: *** [python/darkleaks/_darkleaks.so] Error 1

Conditions:

c++ --version
Apple LLVM version 6.0 (clang-600.0.56) (based on LLVM 3.5svn)
Target: x86_64-apple-darwin14.1.0
Thread model: posix

uname -rs
Darwin 14.1.0

I like the idea, but I see one problem:

The leaker can keep the documents (and the Bitcoin) in hostage until the documents are worthless (he'll still get the Bitcoins).
I can't force him to spend the Bitcoins on that address / reveal his public key.

Do you have a solution for this?

hello team,first of all thank you for this great tool
and the issue is i totally misunderstood it how to use.
i have rightly done every installation step.
now when i put command
$ .gui-start.sh
then this screen comes up to me
http://gyazo.com/d7d7adecdb27ecd17019e13611371dee

i didnt have much knowledge about those chunk n all though i went ahead with filling all info
then i took me here
http://gyazo.com/0bd82998aaee9220784793eb4e69db41

please tell me some things :
suppose if i am possessing credit card details of someone then how can i sell there, and who will decide the price, and in which format should it be in the text file.

suppose if i am a buyer then where i can look what people are selling
and please tell me also about chunk and to reveal them
thanx in advance

I have a question about the following step:

• We hash the public key to get a secret.
  The chunk is encrypted using the secret with AES256.

What is the point of using a hash of the public key as the AES256 secret? Revealing the public key reveals the hash, correct? I read nothing about a salt.

Hi, I'm a packager for the ArchAssault Project (https://github.com/ArchAssault-Project), and they would like to distribute your script in their distro. Can you please provide a license file as well as give permission to distribute? Thanks.

Tiled printing an image before encrypting for use with darkleaks is a good idea. This could easily be done now by using photoshop.

Another idea to use progressive compression. To recap the "Progressive JPEG" format, is where data is compressed in multiple passes of progressively higher detail. This is ideal for large images that will be displayed while downloading over a slow connection, allowing a reasonable preview after receiving only a portion of the data.
Originally used to improve user experience when web browsing on slow connections, progressive compression could be useful for darkleaks. The different levels of image detail are separately encrypted and unlocked. Paying more money grants you access to more detail. Paying for only the lowest detail level allows the buyers to get an idea of what they're paying for.

Obviously the idea can easily be extended for video and audio, at least for music. For audio involving speech, progressive compression may not matter much. Evidence of a war crimes plot is understandable whatever the bitrate of recording, it doesn't need to be studio-level quality. Presumably in that situation the leaker will release a written transcript along with the audio file.

Once the leaker reveals the public key, the chunks can be decrypted. Since the private key for the bitcoin addresses aro the hashes of the unencrypted chunks, anyone with the unencrypted chunks has the private key for the bitcoin addresses. If this is done fast enough, the transaction that the leaker sends to redeem the funds can be double spent (e.g. with a higher fee).

I recommend LAGPL, same as libbitcoin.

Ping @genjix