During the Kyle Rittenhouse trial, video evidence was provided to the prosecution and defence teams (scroll to 05:00) :
The drone footage provided to each side of the trial should have been identical, for a fair trial. Instead, one team, the defence, received a much lower resolution version of the footage than the prosecution, over twice as small the file-size. The evidence was provided to each side using (!) DropBox, which amazingly is counted as suitable for forensics.
Had IPFS been used for providing video evidence, the IPFS CID for each file should have been identical and this could easily have been verified.
Possibly, but I feel like sometimes the use of a CID as an identifier is sometimes over emphasized and leads to confusion about how IPFS works. Itâs an identifier and based on a cryptographic hash but itâs not a unique identifier for the information. Before someone jumps on that statement let me clarify it uniquely identifies the content as it exists in a hashed graph but is not unique to the information that it represents. ie. the file, image, etc. You can have multiple CIDs for the same file. I donât know much about legal forensics and digital content but I do know that there are special cameras used that do provide some guarantees. Iâm sure there has to be some standards of practice that someone else would be more knowledgable than I am but Iâm guessing that a more straight forward application of cryptographic techniques, possible on top of IPFS, would be more appropriate.
I was thinking exactly the same thing and almost posted about this on the IPFS forums myself. IPFS definitely has a place in the legal system, and so does digital signatures. Even if the legal system doesnât use IPFS CIDs they definitely need systems that are hash-coding files forensically with at least SHA-256.
Online File/Folder structures (frankly like in my Quanta app) are perfect for not just legal uses but also for documentation of the legislative process too. There should be a digital fingerprint on every line of legislation so it can be traced back to itâs authors. Right now K-Street Lobbyist firms write all our legislation and the elected lawmakers donât even bother to read it. (sorry for injecting politics, but I think sometimes itâs appropriate)
Hi, wclayf! I hope more people take a look at your Quanta application. A folder system like that would be useful for ensuring everybody was âon the same pageâ or âin the same folderâ at trial: judge, jury, prosecution, defence, clerks and observers.
It is good to be aware that two different files could have the same CID, and there are probably tools around to generate a file to a specific CID, in a way similar to generating vanity .onion addresses. Though it is unlikely that those files would have content at all similar to the original, it would be worth trying to demonstrate what a duplicate CID for a âHello World!â .txt file might look like, if somebody has the time and resources.
Thanks (about quanta). It doesnât matter that the same file can have multiple âfingerprintsâ (CIDs). If everyone in a trial (defense and prosecution) or legal agreement agrees on a specific CID, then theyâre âcryptographically guaranteedâ that itâs the same file theyâre pointing to. Itâs just about agreeing everyone is seeing the same data. Plus in courts you would agree on the parameters so that everyone hashes and chunks the same way anyhow.
You shouldnât be able to do that and if you can that would be a very big deal. I donât know if thereâs anything that would make a multi hash more susceptible to collisions than the underlying hash algorighm. I think you might have meant that a file can have more than one CID which is trivially done by using a different hash algorithm.
âHear ye, hear ye. This court is in order and will be using the following hashing parametersâŚRaise your right hand and repeat after me, âyou will use the hash, the whole hash and nothing but the hash.ââ. ha
Realistically the legal system should use just SHA-256 (or stronger), and definitely not a CID, because you can make âa very strong caseâ (pun intended) that CIDs are a proprietary format specific to IPFS, and therefore not an actual standard.
By proprietary, I just meant CIDs are specific to IPFS, and basically cannot be generated without installing IPFS first (too many options with chunkers, etc). That makes CIDs completely unusable as a simple verification in the way SHA-256 can be used as a simple verificationâŚunless someone wants to download and install IPFS just to verify a file.