ReelTrust is a mobile-first deepfake verification project that combines:
- on-device video verification using the Presage SmartSpectra SDK (Android),
- backend verification + deduplication (Node.js + MongoDB Atlas), and
- blockchain anchoring (Solana Devnet Memo transactions).
The backend accepts signed media-hash submissions, checks whether the hash already exists, optionally anchors/validates on Solana, and returns a normalized verification response.
Core SDK documentation: Presage SmartSpectra SDK for Android
This project was developed during HackLondon 2026 and won “Best Use of Presage” from Major League Hacking.
- Project Overview
- Architecture
- Tech Stack
- Repository Structure
- Prerequisites
- Backend Setup (WSL)
- Run the Full Demo (Android + WSL)
- API Contract
- Testing
- Troubleshooting
- Notes
- Contributors
ReelTrust is built around the Presage SmartSpectra SDK as the primary verification technology. The Android experience and core detection capability come from SmartSpectra, while the backend and blockchain layers add persistence, deduplication, and auditability.
ReelTrust verifies media authenticity using a hash-first workflow:
- Android app computes/collects media verification context.
- Backend receives a signed request containing media hash and metadata.
- Backend checks MongoDB Atlas for prior submissions.
- Backend anchors to Solana Devnet (Memo) for immutable proof when needed.
- Backend returns:
{
"status": "verified",
"alreadyExists": false,
"txId": "<solana_tx_signature_or_null>"
}- Express API with request validation and HMAC signature verification.
- MongoDB Atlas persistence using Mongoose.
- Solana service for:
- writing memo-based anchor transactions,
- verify-on-read validation of stored
txId.
- Replay-protection primitives: timestamp skew checks + nonce.
- Android app + Presage SmartSpectra SDK modules for video verification and UI flows.
- Demo path connects device to WSL backend via
adb reverse.
- Presage SmartSpectra SDK for Android (primary media verification engine)
ReelTrust/
├── android/
│ ├── app/ # Main Android application module
│ └── sdk/ # Presage SmartSpectra SDK module and assets
├── backend/ # Node/Express verification backend
│ ├── package.json
│ ├── .env.example
│ ├── src/
│ │ ├── config.js
│ │ ├── server.js
│ │ ├── models/
│ │ │ └── mediaSubmission.js
│ │ ├── solana/
│ │ │ └── service.js
│ │ └── utils/
│ │ └── signing.js
│ └── tests/
│ └── api.e2e.js
└── README.md
- Node.js 18+
- npm 9+
- MongoDB Atlas connection string
- Solana keypair for Devnet anchoring
- Android Studio installed on Windows
- Presage SmartSpectra SDK integrated in
android/sdk - USB debugging enabled on device
- Android Platform Tools (
adb) installed and available
Add your Presage key to android/local.properties:
PRESAGE_API_KEY=<your_presage_api_key>Notes:
- Use the exact key name
PRESAGE_API_KEY(this is whatandroid/app/build.gradle.ktsreads). - Keep
local.propertieslocal to your machine; do not commit your real API key.
From WSL:
git clone <your-reeltrust-repo-url>
cd ReelTrust/backend
npm installCreate/update .env using backend/.env.example keys.
Minimum recommended values:
PORT=3000
REQUEST_BODY_LIMIT=10mb
MONGODB_URI=<your_atlas_uri>
CLIENT_ID=android-app
CLIENT_SECRET=<your_shared_secret>
MAX_CLOCK_SKEW_MS=300000
SOLANA_RPC_URL=https://api.devnet.solana.com
SOLANA_KEYPAIR_PATH=/home/<your-user>/.config/solana/devnet.json
SOLANA_PRIVATE_KEY_JSON=
SOLANA_REQUIRED=false
SOLANA_VERIFY_ON_READ=trueRun backend:
npm run startHealth check:
curl http://127.0.0.1:3000/healthExpected:
{"status":"ok"}cd ReelTrust/backend
npm run startcmd /c "C:\Users\<your-user>\AppData\Local\Android\Sdk\platform-tools\adb.exe reverse tcp:3000 tcp:3000"
cmd /c "C:\Users\<your-user>\AppData\Local\Android\Sdk\platform-tools\adb.exe reverse --list"You should see tcp:3000 tcp:3000.
If curl.exe http://127.0.0.1:3000/health fails in Windows but WSL curl works, use portproxy (Admin PowerShell):
netsh interface portproxy add v4tov4 listenaddress=127.0.0.1 listenport=3000 connectaddress=<WSL_IP> connectport=3000
netsh interface portproxy show all- Open phone browser:
http://127.0.0.1:3000/health - Expected:
{"status":"ok"}
- Connect phone
- Ensure app uses backend base URL:
http://127.0.0.1:3000 - Run upload/analysis flow
POST /api/v1/videos/submit
{
"videoHash": "<64-char sha256 hex>",
"mediaType": "video",
"metadata": {
"source": "android"
},
"auth": {
"clientId": "android-app",
"timestamp": 1700000000000,
"nonce": "random_nonce",
"requestSignature": "hmac_sha256_signature"
}
}{
"status": "verified",
"alreadyExists": false,
"txId": "<solana_signature_or_null>"
}400invalid payload / invalid JSON / aborted request401invalid signature or client409stored txId failed on-chain verification413request body too large500database error502Solana anchor or verify error
From backend/:
npm run test:apiThis E2E suite validates:
- health endpoint
- valid submit
- duplicate hash behavior (
alreadyExists) - signature/hash/timestamp/mediaType validation
- verify-on-read tamper detection for stored
txId
Run from backend folder:
cd ReelTrust/backend
npm run test:api- Re-run
adb reverse tcp:3000 tcp:3000 - Confirm with
adb reverse --list - If needed, configure Windows
portproxyto WSL IP
- Check backend logs for explicit JSON error (
413, invalid JSON, aborted request) - Increase
REQUEST_BODY_LIMITif needed - Ensure app sends expected JSON contract for
/api/v1/videos/submit
- Ensure
android/local.propertiescontains:
PRESAGE_API_KEY=<your_presage_api_key>- Re-sync Gradle and rebuild the app.
- Confirm keypair path or inline key JSON is valid
- Ensure funded Devnet wallet
- Verify
SOLANA_RPC_URLpoints to Devnet
- This repo includes both Android and backend code; backend is the primary verification API runtime.
- This project was developed on Windows x64 systems using WSL Ubuntu 24.04.
- The SmartSpectra SDK is typically used for live camera health-related applications rather than offline deepfake video analysis, so the video upload flow may have some accuracy limitations.