mirror of
https://github.com/overcuriousity/trace.git
synced 2025-12-20 04:52:21 +00:00
90a82dc0d3
Changed the cryptographic signing approach to be more efficient and standard:
**Signing Logic Changes:**
1. **Note-level signing** (CLI & TUI):
- Old: Sign "Hash: {hash}\nContent: {content}"
- New: Sign only the SHA256 hash
- Rationale: Hash already proves integrity (timestamp+content),
signature proves authenticity. More efficient, standard approach.
2. **Export-level signing** (unchanged):
- Entire markdown export is GPG-signed
- Provides document-level integrity verification
**Implementation:**
- trace/cli.py: Updated quick_add_note() to sign hash only
- trace/tui_app.py: Updated note creation dialog to sign hash only
- Updated export format labels to clarify what's being signed:
"SHA256 Hash (timestamp:content)" and "GPG Signature of Hash"
**Documentation (NEW):**
Added comprehensive "Cryptographic Integrity & Chain of Custody" section
to README.md explaining:
- Layer 1: Note-level integrity (hash + signature)
- Layer 2: Export-level integrity (document signature)
- First-run GPG setup wizard
- Internal verification workflow (TUI symbols: ✓/✗/?)
- External verification workflow (court/auditor use case)
- Step-by-step verification instructions
- Cryptographic trust model diagram
- Security considerations and limitations
Added "CRYPTOGRAPHIC INTEGRITY" section to in-app help (press ?):
- Explains dual-layer signing approach
- Shows verification symbol meanings
- Documents 'v' key for verification details
- External verification command
**Verification Workflow:**
1. Investigator: trace --export + gpg --armor --export
2. Recipient: gpg --import pubkey.asc
3. Document: gpg --verify export.md
4. Individual notes: Extract signature blocks and verify
Files modified:
- README.md: +175 lines of documentation
- trace/cli.py: Sign hash only, update labels
- trace/tui_app.py: Sign hash only, add help section