Author

Topic: RFC: Pseudo-Anonymous, Auto-Replicating, File Drop Using Bitcoin and Freenet (Read 699 times)

newbie
Activity: 30
Merit: 0
Genesis
While thinking about SecureDrop, I gave some thought to how p2p networks and protocols can be leveraged to improve upon its design/architecture/function.  This is purely a thought exercise at this point, and I welcome feedback from the wider bitcoin community (who are far more knowledgeable about p2p networks and protocols) on the feasibility and desirability of the project outlined below.

Problem Statement
There has been a lot of attention given to SecureDrop as a secure file drop and communication platform.  However, SecureDrop requires that one party operate a Tor hidden service, representing a single point of failure for the system.  Furthermore, SecureDrop is purely a one-to-one communications platform.  This RFC would seem to satisfy several of the key requirements as SecureDrop:

1) Maintains (pseudo-)anonymity of file submitter
2) Allows for submitter to "prove" identity and follow-up on prior submission by reusing the same Bitcoin private key

In addition, using the Bitcoin and Freenet networks eliminates the single point of failure (by automating data replication across global P2P networks) and facilitates a one-to-many (broadcast) file drop and communications platform.

This RFC also includes a built-in financial incentive for the developer who successfully implements the product :-)

Required Open Source Software/Resources
1) Java
2) Python
3) Freenet
4) Modified Bitmsg source code (https://github.com/sarchar/Bitmsg)
5) jFCPv2 Library to communicate with Freenet
6) Custom easy-to-use Java GUI to orchestrate

Workflow
Upload

1) Get inputs from user (file to upload, unencrypted text to put in blockchain along with original filename and freenet key, Bitcoin private key with unspent BTC)
2) Upload file to freenet as CHK@ and get full key along with upload confirmation
3) Push bitcoin transaction to the blockchain (always first transaction to one of developer's addresses--that identifies as a file drop and rewards developer, then freenet key, then original filename, then text)
4) Display freenet key and blockchain transaction ID to user for distribution through other channels

Download
1) Get blockchain transaction ID from user and directory to store file
2) Display the message in that transaction
3) Download the file from freenet and save it in user's directory (with original filename)

Search Blockchain
1) Use BlockChain.info to search for developer's designated address and parse all incoming transactions for format described by Upload.
2) Allow for additional search field to search for keywords in uploader's message content
3) Display list of matching transaction IDs
4) Double-click on transaction ID displays Download screen for transaction and allows user to download file

Implementation Recommendations
1) Create bundle of Bitmsg, Freenet, and new Java GUI client that allows upload/download
2) Use virtualization tool to create distro that can run off USB drive or as a virtual image (that includes OS, window manager, Java runtime, Python runtime, Freenet, etc.)

Unaddressed Problems
1) SPAM (though the financial cost of spending bitcoins for each message will likely discourage SPAM)
Jump to: