CIGaW — Bluetooth peer co-signing
Nearby WITNESS users attest to physical co-presence at the moment of capture. The structural defense against the selective-capture critique.
WITNESS turns any phone into a cryptographic notary. It captures sensor data, hashes it, signs it with a hardware-bound key, and produces a receipt that cannot be quietly altered later — by you, by us, or by anyone else.
WITNESS demonstrates that any modern phone can produce tamper-evident receipts for sensor data using only browser-native cryptography.
It is a reference implementation, not a product. It proves that a captured bitstream existed at a moment in time and was signed by a specific device. It does not prove that what was captured is true, complete, or contextually honest.
Read the threat models before deploying this for any consequential use.
WITNESS is a Progressive Web App. A single HTML file, ~38 KB, zero dependencies, zero cloud calls. It runs in your phone's browser and installs to your home screen like a native app.
Visit witness.mobi/app in Safari (iOS) or Chrome / Firefox (Android). No download. No login.
iOS: tap Share → "Add to Home Screen." Android: tap the menu → "Install app." WITNESS now lives on your phone like any other app — except it never asked for your email.
Open WITNESS. Tap to capture. The device hashes the data, signs it, and produces a QR receipt. Share the receipt however you like. The original file never leaves your phone unless you choose.
No black boxes. Every primitive is browser-native, every step is local. Here's the full pipeline.
SHA-256, SHA3-256, and BLAKE2b-256. A composite hash is computed over all three. Breaking one algorithm doesn't compromise the receipt.ECDSA P-256, with a hardware-backed key generated once on first launch. The key is non-extractable — it lives in the Secure Enclave or StrongBox and can never leave the device.IndexedDB ledger, chain-linked by sha256(prev_hash ‖ entry_body). Tampering with any prior entry breaks every subsequent link. Verifiable offline, on-device.{composite_hash, signature, public_key, timestamp, mime}. Anyone with the QR and the original file can verify the receipt without contacting any server. Ever.The most important thing this tool can tell you is what it isn't doing.
Every accountability tool in history has been turned around. WITNESS will be no exception. The point is to be honest about that from the start, not to pretend otherwise.
People who need to document something that powerful parties may later deny. WITNESS narrows the gap between what happened and what can be proven happened.
Cryptography certifies what was captured and says nothing about what wasn't. A perfectly signed record of the second half is still a partial record. CIGaW peer witnesses are the partial defense.
The same tool that protects victims will be used by people who claim to be victims and aren't. The protocol cannot adjudicate motive. That is the job of courts and journalists, not software.
A persistent device key is a forensic fingerprint. For a whistleblower, that can be a death sentence. The "burn-after-use" ephemeral key option in v0.2 is for these users.
A million personal cryptographic ledgers, each individually verifiable, collectively un-adjudicatable. WITNESS is a small contribution to the same fragmentation it was meant to resist. We hold that openly.
Cryptographic chain-of-custody, alone, proves only integrity. A signed bitstream is still just a bitstream. CIGaW adds a second epistemic layer: independent humans, with independent devices, attesting to their own physical co-presence.
The witness never sees what was captured. They cannot be subpoenaed to testify about content. They are bound to the moment, not to the footage. The cryptography just makes their attestation un-deniable after the fact.
CIGaW is closer to what witness testimony has always been — multiple parties, each with their own perspective and their own credibility, willing to stand behind "I was there." The protocol just makes that testimony durable.
v0.1 is a single-device tamper-evidence tool. v0.2 turns it into a networked attestation system where receipts gain integrity from multiple independent sources. The order matters.
Nearby WITNESS users attest to physical co-presence at the moment of capture. The structural defense against the selective-capture critique.
Free, batched anchoring of receipt hashes to the Bitcoin blockchain via public OTS calendar servers. No wallet, no token, no gas. The boring correct answer.
A clearly-labeled toggle: "Single-use key (recommended for sources)." Each capture generates a fresh key, signs once, then destroys the key. For whistleblowers whose identity must remain uncorrelatable.
The most consequential design question in the project's future. Read the open deliberation before forming an opinion. Not in v0.2. Possibly never.
All violate either the local-first principle or the threat model. Not coming. Not later. Not as a premium feature. Not at all.
Strip the cryptography away and WITNESS is a device that makes moments un-deniable. A citizen, a journalist, a protester, a domestic abuse victim, a whistleblower — anyone — can capture sensor data and produce a receipt that says: this exact bitstream existed at this exact moment, signed by this exact device, and no one — including me — can quietly alter it later.
This is not a hashing utility. It is a portable epistemic anchor.
Hashes prove integrity, not truth. A perfectly signed, chain-anchored video of a staged event is still a staged event. Most people — including most judges and jurors — will read "cryptographically verified" as "true." We are handing out a technology that looks like a truth machine but is actually a tamper-evidence machine. That gap is where the harm lives.
The most consequential decisions left aren't technical. They are about framing, defaults, and what we deliberately refuse to build.
WITNESS is published under Apache-2.0 with the explicit patent grant — important for a tool that may end up cited in court filings. The reference implementation is distributed through GitHub, with signed releases via sigstore. The URL is the integrity check.