Blockchain-assisted storage and verification platform for digital evidence with AI-based authenticity screening.
The project currently runs as a full-stack application made up of:
- A
FastAPIbackend for authentication, evidence upload, verification, audit logs, and admin actions - A
Next.jsfrontend for investigators, auditors, and admins - A Solidity
EvidenceRegistrysmart contract for on-chain evidence registration - Local file storage for accepted and quarantined evidence
- SQLite for users, evidence metadata, and audit logs
The application is designed to keep working even when optional services are unavailable:
- If the Hugging Face model is unavailable, AI analysis falls back to a development-safe mock score
- If blockchain is not configured, uploads still complete and on-chain storage is skipped
- If IPFS is not enabled or reachable, uploads still complete and IPFS storage is skipped
- User registration and login with JWT-based authentication
- Role-based access control for
admin,investigator, andauditor - Password validation with minimum length, uppercase, and numeric requirements
- Evidence upload for image and video files up to
100 MB - Supported image formats:
JPEG,PNG,BMP,TIFF - Supported video formats:
MP4,AVI,MOV,MKV - SHA-256 hashing for each uploaded file
- Duplicate evidence detection based on file hash
- AI authenticity scoring with
AUTHENTIC,SUSPICIOUS, andPENDINGstatuses - Automatic quarantine flow for suspicious evidence
- Optional IPFS upload for non-quarantined files
- Optional blockchain recording with transaction hash and block number
- Integrity verification by recomputing the file hash and checking blockchain state
- Full audit trail for registration, login, upload, view, verification, deletion, and role changes
- Admin tools for user role updates and evidence deletion
- Frontend dashboard with evidence statistics, filters, details, verification, quarantine, audit logs, and admin pages
admin: full access, including user management and evidence deletioninvestigator: upload evidence, view records, verify evidence, view quarantine, and access audit logsauditor: view records, run verification, and access audit logs
- A user registers and signs in.
- An investigator or admin uploads an image or video file.
- The backend validates file type and size.
- A SHA-256 hash is generated and checked for duplicates.
- The file is stored locally.
- AI analysis assigns a score and status.
- Suspicious files are moved to quarantine.
- Clean files can optionally be uploaded to IPFS.
- Evidence metadata is optionally written to the blockchain.
- Metadata and audit entries are stored in SQLite.
- Any authenticated user can later verify integrity using the stored file and blockchain record.
POST /api/auth/registerPOST /api/auth/loginGET /api/auth/mePOST /api/evidence/uploadGET /api/evidence/allGET /api/evidence/{id}POST /api/verify/{id}GET /api/admin/audit/logsGET /api/admin/quarantineGET /api/admin/usersPATCH /api/admin/users/{id}/roleDELETE /api/admin/evidence/{id}- Interactive API docs:
http://localhost:8000/api/docs
/loginand/register/dashboard/upload/evidence/[id]/verify/[id]/quarantine/audit/admin
backend/FastAPI app, database models, auth, services, and API routesfrontend/Next.js user interfacecontracts/Solidity smart contractscripts/deployment script for the smart contractstorage/local evidence and quarantine folderstests/backend and AI-related tests
- Frontend:
Next.js 14,React 18,Axios,react-icons - Backend:
FastAPI,SQLAlchemy,Pydantic,python-jose,passlib - AI:
transformers,torch,Pillow,NumPy - Blockchain:
Hardhat,Solidity,Web3.py - Storage: local filesystem, optional
IPFS - Database:
SQLite
cd backend
python -m venv .venv
.venv\Scripts\Activate.ps1
pip install -r requirements.txtCreate backend/.env with at least:
JWT_SECRET_KEY=change-me
DATABASE_URL=sqlite:///./forensic_evidence.db
ALLOWED_ORIGINS=http://localhost:3000
BLOCKCHAIN_RPC_URL=http://127.0.0.1:8545
CONTRACT_ADDRESS=
WALLET_PRIVATE_KEY=
CHAIN_ID=1337
USE_IPFS=False
IPFS_API_URL=http://127.0.0.1:5001
IPFS_GATEWAY_URL=http://127.0.0.1:8080/ipfs/
AI_MODEL_NAME=prithivMLmods/Deep-Fake-Detector-v2-Model
AI_MODEL_VERSION=v2.0-ViT
HF_TOKEN=
AI_SUSPICIOUS_THRESHOLD=0.5
EVIDENCE_STORAGE_PATH=./storage/evidence
QUARANTINE_STORAGE_PATH=./storage/quarantinecd backend
uvicorn main:app --reload --port 8000cd frontend
npm installCreate frontend/.env.local:
NEXT_PUBLIC_API_BASE_URL=http://localhost:8000/apicd frontend
npm run devOpen http://localhost:3000.
Start a local Hardhat node:
npx hardhat nodeDeploy the contract from the project root:
npx hardhat run scripts/deploy.js --network localhostThen copy the printed contract address into backend/.env as CONTRACT_ADDRESS.
- The frontend is configured to call the backend through
NEXT_PUBLIC_API_BASE_URL - The backend creates database tables and storage folders on startup
- Verification can return a partial result when the file hash matches but blockchain confirmation is not available
- Evidence is stored locally by default under the configured storage directories
- The example env files in the repo are placeholders, so the README setup above is the reliable source of required variables