🛡️ Chain of Custody — Tamper‑Proof Forensic Evidence Tool

A tamper‑proof forensic evidence management system that ensures integrity, traceability, and availability of digital evidence. This project combines dual storage (Local + IPFS), fuzzy hashing for tamper detection, and a private blockchain for immutable access logging to implement a robust chain of custody.

---

✨ Key Features

• Private Blockchain Logging Records evidence metadata and every access/modification event. Faster and controllable compared to public chains.

• Role‑Based Access Control

  • Collector — Can upload evidence and view only their own uploads.
  • Forensic Analyst — Can attach forensic reports/findings to evidence.
  • Admin — Full oversight: view all evidence, review logs, restore originals.

• Dual Storage (Local + IPFS) Local storage for fast access; IPFS keeps an immutable canonical copy to recover from tampering.

• Fuzzy Hashing Integrity Checks Detects partial modifications by comparing piecewise hash digests against originals stored on‑chain; highlights which portions changed.

• Comprehensive Activity Logging Per‑evidence and system‑wide logs for who accessed what and when (admin‑visible).

• Live Capture with Geo‑Tagging Capture images/videos inside the app (videos unpausable to preserve continuity); capture location is logged.

---

🧭 Architecture

flowchart LR
  subgraph Users
    C[Collector]
    F[Forensic Analyst]
    A[Admin]
  end

  C -- upload/capture --> UI[Web App]
  F -- attach report --> UI
  A -- view logs/restore --> UI

  UI --> API[Evidence API]

  subgraph Storage
    L[(Local Storage)]
    IPFS[(IPFS)]
  end

  API -- write/read --> L
  API -- backup/restore --> IPFS

  subgraph Chain[Private Blockchain]
    M[Metadata & Access Logs]
  end

  API -- log hash & events --> M
  A -- audit --> M

Loading

---

📁 Repository Structure

.
├── evidence-api                 # Evidence blockchain + API layer
│   ├── api
│   │   ├── cmd
│   │   │   └── generate-config  # Config generator
│   │   ├── config               # API configs
│   │   └── wallet               # Blockchain wallets/keys
│   └── network                  # Private chain/network setup
│
└── ipfs
    └── server                   # IPFS-backed frontend+server
        ├── app
        │   ├── api
        │   │   └── save-file    # Upload endpoint (frontend route)
        │   ├── camera           # Live capture interface
        │   ├── home             # Dashboard
        │   ├── login            # Role-based login
        │   └── video            # Video capture UI
        ├── components           # UI components
        ├── evidence             # Evidence handling logic
        ├── lib                  # Shared libraries/helpers
        └── public               # Static assets

---

🧰 Tech Stack

• Blockchain: Private chain for evidence metadata + access logs
• Storage: Local filesystem + IPFS backup
• Frontend: Web app (React/Next.js‑style file routing)
• Backend: Evidence API (Go) + frontend server (Node.js)
• Integrity: Fuzzy hashing (context‑triggered piecewise hashing)

---

🚀 Quickstart

1) Prerequisites

• Node.js ≥ 18
• Go ≥ 1.21
• IPFS (Kubo) installed and available in PATH

2) Clone

git clone https://github.com/<your-username>/chain-of-custody.git
cd chain-of-custody

3) Configure

Create environment files for both services (adjust paths for your machine):

evidence-api/.env

# Filesystem locations
EVIDENCE_STORAGE_DIR=./data/evidence
CHAIN_DATA_DIR=./data/chain

# Chain / keys
ADMIN_WALLET_PATH=./api/wallet/admin.key
JWT_SECRET=change-this-secret

# IPFS
IPFS_API_URL=http://127.0.0.1:5001
IPFS_GATEWAY_URL=http://127.0.0.1:8080

# Server
API_HOST=0.0.0.0
API_PORT=8081

ipfs/server/.env.local

NEXT_PUBLIC_API_BASE=http://localhost:8081
NEXT_PUBLIC_IPFS_GATEWAY=http://127.0.0.1:8080

Note: Variable names are suggestions based on the folder layout. If your code expects different names, align these accordingly.

4) Start Dependencies

Run IPFS locally:

ipfs init        # first time only
ipfs daemon

5) Start Services

Evidence API (Go):

cd evidence-api
# optional: generate default config
go run ./api/cmd/generate-config
# run the API
go run .

Frontend + Server (Node):

cd ipfs/server
npm install
npm run dev

6) Open the App

• Visit http://localhost:3000
• Log in with your role (Collector / Forensic / Admin)

---

🔄 Typical Workflow

1. Collector logs in → captures image/video or uploads a file.
2. The system stores the evidence in Local Storage and writes a content address to IPFS; a hash/metadata record is logged on the private blockchain.
3. Forensic Analyst adds findings/reports; updates are appended as new entries (immutably logged).
4. Admin audits per‑evidence and system‑wide logs, and can restore the original from IPFS if tampering is detected.

---

🔐 Integrity & Tamper Handling

• Fuzzy hashing detects partial changes: compare current digest with the original stored on‑chain.

• If mismatch:

  • Highlight the changed blocks/regions.
  • Admin may restore the canonical original from IPFS.

• All actions (view, download, attach report) are logged on the chain with timestamps and actor roles.

---

🛡️ Roles & Permissions

• Collector: Upload new evidence; view only their submissions.
• Forensic Analyst: Attach reports/findings to assigned evidence.
• Admin: Global view, audit logs, restore originals from IPFS.

---

🧱 Threat Model (high level)

• Integrity: Tamper detection via fuzzy hashing; original recoverable from IPFS.
• Accountability: Immutable access logs on a private chain.
• Availability: Dual storage ensures local speed + distributed backup.
• Access Control: Role‑based views and actions.

---

👥 Team — 0xRuchiKaraShunti

• Sampriti Saha
• Kshitij Koushik Kota
• Praneet Tenkila
• Pranav Rajesh Narayan

---

📄 License

MIT — see LICENSE.