feature request: plausible deniability

[alexandruast]

Having some sort of plausible deniability built in the app would be nice, or at least some means to hide certain sensitive notes, like TokenVault or other potential loss-inducing data (credit card numbers, bank account logins, etc...) in the case of an assault or robbery. I know two situations where people got robbed on the street, and the robbers threatened the guys to unlock the phone and all the apps. Funds be gone. What do you guys think of this?

[moughxyz]

Yeah, something on my mind as well. Have some ideas here which I hope to explore. Was there a particular means of accomplishing this you were thinking about?

[alexandruast]

None that will work without major overhauling some components, I am afraid... I don't have any clue how this can cope with the current db format, unless there is another encryption layer to obfuscate the real/decoy db. Maybe some sort of per-note delayed unlock, with a server side time-based key?

[proletarius101]

Well, probably in robs you don't need to protect from forensics. So I suppose db protection is not necessary. What you need is some cover-ups?

But if you intended to implement plausible deniability for forensics, we need a smarter way: https://arxiv.org/abs/1706.10276

[alexandruast]

For robberies, I would advocate for a special type of note which delays the attacker or puts his actions into a different crime category.

For example, you don't need to have bank logins / MFA accessible immediately from the mobile app, so a 4-8h delayed unlocking changes the crime dynamics, kidnapping being a serious crime.

The transaction can be written to a fast cheap blockchain, like Solana, and use proof of history to generate the correct key at a specific time.

This does not need to be a core component, a plugin may be just fine. It also does not require any server side apps.