dWikiLeaks | Devpost

Inspiration

WikiLeaks has been responsible for exposing highly sensitive classified media, from the Afghan war diaries to secret documents concerning prisoners in Gauntanamo Bay. Claiming a database of over 100 million documents, security and privacy on WikiLeaks is vital to its reputation. Suffering from DDoS attacks, and heavy server regulation, WikiLeaks has found it increasingly difficult to maintain their infrastructure reliably.

In consequence, we're motivated to explore the possibility of building a secure platform for investigative journalism that is simultaneously reliable and inherently anonymous.

What it does

dWikiLeaks is essentially decentralized WikiLeaks. It provides a secure medium by which whistleblowers can anonymously and securely submit sensitive files to a trusted organization for analysis. This is enabled by a purely peer-to-peer network architecture (no http requests to central authorities) for distributed file storage, end-to-end RSA encryption, and Ethereum.

How we built it/How it works

The typical use case is as follows:

A user wishes to anonymously disclose a highly sensitive document
The file is processed via our web app, encrypted via RSA, split into chunks, and persisted on a distributed peer-to-peer network
A hash referencing the file is obtained, and sent to a smart contract on the Ethereum blockchain for persistence
WikiLeaks, the sole recipient of the file, reconstructs the file based on this hash and securely decrypts its contents via a unique private key

We used truffle.js to streamline our development workflow, from compiling and testing our smart contract to managing its deployments on testrpc. The distributed file storage system is implemented via a front-end IPFS client on Node.js, which does a great deal of the heavy lifting with the peer-to-peer network.

The web app interfaced with the blockchain via Metamask and Ethereum's Web3 library. We managed DOM manipulation and the user interface with React and Redux.

Challenges we ran into

Compared to other hacks we've completed in the past, we found documentation and resources to be quite limited. It was also our first time writing Solidity and smart contracts, both of which are notoriously difficult to debug.

Accomplishments that we're proud of

Finishing the hack in time
Taking our high-level knowledge of these systems and building something that (sort of) works
Having fun meeting new people

What we learned

How to write, deploy and interact with smart contracts
How the blockchain's state transitions work at a deeper level
A wider appreciation for the cryptographic properties of blockchain-based systems

What's next for dWikiLeaks

Looking into alternative protocols for privacy on the blockchain (Zcash has some very cryptographically interesting solutions for anonymity)
Building a channel for secure communication between journalists and sources as part of the platform
Taking this beyond just WikiLeaks, as a potential medium of communication between sources and journalists for any news organization.

Built With

blockchain
ethereum
ipfs
react
rsa
solidity
truffle.js
web3

Submitted to

Hack the North 2017

Created by

Wrote, tested and interacted with the smart contracts using Solidity, TestRPC, Metamask, and Web3

Jashan Shewakramani
Implemented the distributed file storage for permanent and decentralised file sharing.
Integrated the IPFS protocol and RSA En/Decryption in the application.

Dhruv Jauhar
Architected and built the frontend of the app, utilising Redux, Redux, and related technologies to integrate each component of the pipline.

James Oldfield

Updates

Jashan Shewakramani started this project — Sep 17, 2017 01:02 AM EDT

Leave feedback in the comments!

Log in or sign up for Devpost to join the conversation.