Changelog

All notable changes to TrueShot will be documented in this file.

[0.0.4] - 2026-04-01

Bug Fixes

  • AutoSealService now respects user privacy settings via Hilt-injected SettingsRepository (fail-safe: aborts seal on read error instead of using defaults)
  • Database schema export enabled (exportSchema = true) for Room migration testing
  • GPS redaction now re-signs the manifest via ManifestRedactor — signature stays valid after removing location data

Crypto Trust Anchors

  • NTP timestamp anchoring via SNTP (time.google.com, pool.ntp.org fallback, 30-min cache)
  • Key attestation chain validated against 3 Google Root CAs (EC P-256 2016, RSA 4096 2022, EC P-384 2026+)
  • Auto key regeneration when existing key lacks attestation extension
  • Bouncy Castle provider conflict with AndroidOpenSSL fixed for cert parsing

New Capabilities

  • RFC 3161 TSA timestamps via Bouncy Castle (DigiCert/Sectigo fallback, graceful offline degradation)
  • Depth map integration in ScreenDetector (+25 pts for flat DEPTH16 on supported hardware)
  • Play Integrity API with 5-minute cache and fallback to existing root detection

Standards & Internationalization

  • i18n: PT-BR, ES, FR, DE translations across all 7 modules (35 string resource files)
  • C2PA Phase 1: CBOR serialization alongside JSON (stepping stone for JUMBF/COSE)
  • CAWG Phase 1: self-signed X.509 identity assertions with optional display name

Tests

  • 49+ new unit tests: ManifestEmbedderTest, CorrelationHashTest, CborSerializerTest, ScreenDetectorTest depth scenarios

Dependencies

  • Added: Bouncy Castle 1.78.1, Play Integrity 1.4.0, Jackson CBOR 2.17.0

[0.0.3] - 2026-03-31

Cross-Device Correlation Rewrite

Correlation Hash

  • Removed barometric pressure from hash — inter-device bias (1-3 hPa) made it unreliable
  • Widened GPS grid from ~111m to ~1.1km (Math.round to 2 decimal places) to absorb 5-15m GPS error
  • Added dual time-window hashing to eliminate boundary mismatches at 5-minute edges
  • Theoretical cross-device match rate improved from ~28% to >95%

CI/CD

  • Fixed release workflow: keystore path, conditional signing, APK naming convention
  • Release APKs now named TrueShot-v{version}.apk

[0.0.2] - 2026-03-31

Mutual Proof & Screen Detection

Mutual Proof (Cross-Device Corroboration)

  • Correlation hash now saved to database (was computed but never stored)
  • Query for corroborating photos by correlation hash
  • Detail screen shows matching photos with clickable navigation
  • Web verifier updated with union-find grouping for multi-hash matching

Screen Recapture Detection

  • Rewrote focus distance scoring: diopter-based thresholds instead of meter conversion
  • Works correctly on UNCALIBRATED devices (most mid-range phones)
  • Added color gain blue-suppression threshold (ratio < 0.85)
  • Increased compound signal bonus (focus + flicker)
  • Score differentiation: normal photos 0-15, screen photos 55-65+

Camera

  • Added tap-to-focus with animated focus ring indicator
  • Fixed CaptureCallback race condition: filters for STILL_CAPTURE intent
  • Fixed Android Lint UnsafeOptInUsageError for Camera2Interop

Database

  • Migration 4→5: added correlationHash column
  • Migration 5→6: added correlationHashAlt column

[0.0.1] - 2026-03-30

Initial Release

Core Features

  • Camera capture with ECDSA P-256 signing via hardware-backed Android Keystore
  • SHA-256 image integrity hash (computed on JPEG bytes up to EOI marker)
  • 14 physical sensors sampled at capture time
  • Signed manifest embedded in JPEG after EOI marker
  • Auto Mode: background service seals photos from any camera app
  • 8-point verification engine (hash, signature, attestation, timestamps, sensors, screen detection)
  • Key attestation chain included in manifest

Screen Recapture Detection

  • Novel sensor-based heuristic using 10 correlated signals
  • Focus distance, light/exposure mismatch, magnetometer, gyroscope stability, color gain, flicker, proximity, dark room, step counter, compound signals
  • Score 0-100 included in manifest

Cross-Device Corroboration

  • Correlation hash for cross-device matching
  • Web verifier supports multi-photo comparison
  • Zero inter-device communication required

Privacy

  • GPS off by default
  • All sensor collection configurable
  • GPS redaction before sharing (with signature invalidation warning)
  • Zero analytics, zero tracking, zero cloud, zero third-party SDKs
  • Anonymous device ID (SHA-256 of public key)

Web Verifier

  • Browser-based verification using WebCrypto API
  • Drag-and-drop single or multi-photo verification
  • ECDSA signature verification with DER-to-raw conversion
  • SHA-256 hash recalculation
  • Cross-device sensor corroboration display
  • XSS protection on all user-controlled fields
  • Image never leaves the browser
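
The DER-to-raw conversion listed above, as an added example (not TrueShot's own code): Java's ECDSA Signature API, which Android Keystore uses, emits signatures as an ASN.1 DER SEQUENCE of two INTEGERs, while WebCrypto's ECDSA verify expects the fixed-width r||s concatenation (64 bytes for P-256). The function name derToRawEcdsa and its size parameter are assumptions for illustration.

```javascript
// Added example (not TrueShot code): convert a DER-encoded ECDSA signature,
// SEQUENCE { INTEGER r, INTEGER s }, to the raw r||s form WebCrypto verifies.
function derToRawEcdsa(der, size = 32) {
  let pos = 0;
  const fail = (msg) => { throw new Error("bad DER signature: " + msg); };

  // Read a definite length: short form, or long form with one length byte.
  const readLen = () => {
    if (pos >= der.length) fail("truncated length");
    let len = der[pos++];
    if (len === 0x81) {
      if (pos >= der.length) fail("truncated length");
      len = der[pos++];
      if (len < 0x80) fail("non-minimal length");
    } else if (len >= 0x80) fail("unsupported length form");
    return len;
  };

  // Read one non-negative INTEGER and return it left-padded to `size` bytes.
  const readInt = () => {
    if (der[pos++] !== 0x02) fail("expected INTEGER");
    const len = readLen();
    if (len === 0 || pos + len > der.length) fail("bad INTEGER length");
    let v = der.subarray(pos, pos + len);
    pos += len;
    if (v[0] & 0x80) fail("negative INTEGER");
    if (v.length > 1 && v[0] === 0 && !(v[1] & 0x80)) fail("non-minimal INTEGER");
    if (v[0] === 0) v = v.subarray(1);   // drop the sign-padding byte
    if (v.length > size) fail("INTEGER too large for curve");
    const out = new Uint8Array(size);
    out.set(v, size - v.length);         // left-pad with zeros
    return out;
  };

  if (der[pos++] !== 0x30) fail("expected SEQUENCE");
  if (readLen() !== der.length - pos) fail("length mismatch or trailing bytes");
  const r = readInt();
  const s = readInt();
  if (pos !== der.length) fail("trailing bytes inside SEQUENCE");
  const raw = new Uint8Array(2 * size);
  raw.set(r, 0);
  raw.set(s, size);
  return raw;
}
```

Pass the result to crypto.subtle.verify({ name: "ECDSA", hash: "SHA-256" }, publicKey, raw, data). Rejecting non-minimal encodings and trailing bytes keeps a single signature from having several accepted encodings.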

Architecture

  • 14 Gradle modules, ~5,700 lines of Kotlin
  • Jetpack Compose + Material Design 3
  • CameraX 1.4, Hilt 2.53, Room 2.6
  • Min SDK 28 (Android 9.0), Target SDK 35
  • 2 GitHub Actions workflows (CI, Release)