Skip to content

MnemOnicE/vtr-standard

Repository files navigation

The Video Truth Record (.vtr) Standard

Python License Status Pydantic Code Style Code Smells Bugs Lines of Code

Status: Reference Implementation (V2.2) Focus: Security & Chain of Custody

Overview

The Video Truth Record (.vtr) is an open standard for Hardware-Attested Media. It provides a cryptographic binding between video content and the physical sensor that captured it, ensuring authenticity and chain of custody for critical applications.

This standard is designed for Security Cameras, Dashcams, and Trusted User Devices where data integrity is paramount. It solves the "Deepfake Defense" problem by verifying the source hardware rather than analyzing the pixels.

System Architecture

graph TD
    A[Camera Sensor] -->|Capture Video| B(Video File .mp4)
    A -->|Extract PRNU Noise| C{Hardware Fingerprint}
    A -->|Liveness Check| D{3D Depth/Gyro}
    B --> E[Merkle Tree Hash]
    C --> F(ZK Proof Generation)
    D --> F
    E --> F
    F --> G[VTR Sidecar .vtr.json]
    B -.-> H[(VTR Container)]
    G -.-> H
Loading

Core Principles:

  1. Hardware is Truth: We rely on the physical fingerprint (PRNU) of the sensor, not software signatures.
  2. Privacy by Design: Zero-Knowledge Proofs verify the hardware signature without revealing the device's unique serial number or owner identity.
  3. Chain of Custody: Each recording is cryptographically linked to the previous one, creating an unbroken timeline of events.

Features

Chain of Custody Architecture

graph LR
    A[Recording 1<br/>Sidecar] -->|previous_signature_link| B[Recording 2<br/>Sidecar]
    B -->|previous_signature_link| C[Recording 3<br/>Sidecar]
    C -->|previous_signature_link| D[Recording N<br/>Sidecar]
Loading
  • Hardware Root of Trust: Leverages unique sensor noise patterns (PRNU) to attest origin.
  • Tamper-Evident Container: Merkle Tree hashing ensures frame-by-frame integrity.
  • Chain of Custody: "Blockchain-style" linking of file signatures provides audit trails for legal and security contexts.
  • Liveness Detection: Protocol support for hardware-level liveness checks (e.g., 3D depth, gyro) to prevent screen recording attacks.

Repository Structure

The repository is organized as follows:

  • /vtr_standard: The canonical Python implementation of the standard.
    • /poc: The Reference Implementation (SDK) for hardware integrators.
    • /docs: Technical documentation.

Installation & Setup

Prerequisites

  • Python 3.8 or higher.

Installation

Clone the repository and install the package:

git clone https://github.com/mnemonice/vtr-standard.git
cd vtr-standard
pip install .

This will install the required dependencies (including pydantic).

Usage Guide

Running the CLI

The Proof of Concept provides a Command Line Interface (CLI) to sign and verify video files.

⚠️ WARNING: The POC runs in Mock Sensor Mode. It uses simulated hardware roots of trust and is for demonstration purposes only.

Sign a Video

Generate a VTR sidecar (.vtr.json) for a video file:

python3 -m vtr_standard.poc.cli sign my_video.mp4

Options:

  • --sensor-id <ID>: Simulate a specific sensor ID (e.g., DEVICE_123).
  • --allow-ai: Flag to allow your data to be used for AI training.
  • --link-to <PATH>: Path to a previous sidecar to create a "Chain of Custody" link.

Signing Data Flow

sequenceDiagram
    participant CLI
    participant VTRContainer
    participant MockPRNU
    participant Filesystem

    CLI->>VTRContainer: Init with video
    VTRContainer->>VTRContainer: Compute Merkle Tree (frame hashing)
    VTRContainer->>MockPRNU: request ZK proof (with Merkle Root)
    MockPRNU-->>VTRContainer: return ZK Proof
    VTRContainer->>VTRContainer: Assemble VTR Sidecar Schema
    VTRContainer->>Filesystem: Write .vtr.json
    Filesystem-->>CLI: Success Output
Loading

Sign Command Example

Verify a Video

Verify the integrity and authenticity of a VTR container:

python3 -m vtr_standard.poc.cli verify my_video.mp4

This checks:

  1. File Integrity: Merkle Tree hashing of the video content.
  2. Signature Validity: Cryptographic verification of the ZK proof.
  3. Schema Compliance: Ensures the sidecar matches V2.0 specs.

Verification Data Flow

sequenceDiagram
    participant CLI
    participant VTRValidator
    participant Filesystem

    CLI->>VTRValidator: Validate (video_path, sidecar_path)
    VTRValidator->>Filesystem: Read .vtr.json sidecar
    VTRValidator->>VTRValidator: 1. Validate JSON Schema
    VTRValidator->>Filesystem: Read .mp4 video
    VTRValidator->>VTRValidator: 2. Recompute Merkle Root
    VTRValidator->>VTRValidator: 3. Verify ZK Proof matches
    VTRValidator-->>CLI: Output Verification Result
Loading

Verify Command Example

API Documentation

vtr_standard.poc.vtr_container

Main module for handling VTR containers.

  • VTRContainer: Class to manage video and sensor association.
    • create_sidecar(allow_ai_training=False): Generates the JSON sidecar.

vtr_standard.poc.mock_prnu

Module for simulating hardware sensor logic.

  • MockPRNU: Class simulating the hardware root of trust.
    • generate_zk_proof(video_path, timestamp): Creates a simulated cryptographic proof.
    • check_liveness(): Simulates liveness checks (e.g., 3D depth).

Contributing

This is an open standard. We welcome contributions from engineers, cryptographers, and privacy advocates.

See CONTRIBUTING.md for the "Poison Pill" anti-forking rules.

License

This project is licensed under the VTR Public License (VTR-PL), a reciprocal license designed to protect the integrity of human-generated media. See LICENSE for details.

About

The Video Truth Record (.vtr) is an open standard for hardware-attested media. It cryptographically binds video files to the unique physical signature of the camera sensor (PRNU) at capture, utilizing zero-knowledge proofs to guarantee authenticity and an unbroken chain of custody.

Topics

Resources

License

Security policy

Stars

Watchers

Forks

Releases

No releases published

Packages

 
 
 

Contributors

Languages