darkfolio custodies no funds, but I wanted to build a portfolio tracker that would support rather than undermine decoy wallets. So I created Ghost Mode, a self-consistent plausible deniability system.
When activated, one PIN takes you to one space with watchlists/portfolios, and another PIN takes you to another space with different watchlists/portfolios.
Nothing in either space says "this is the real stuff" or "this is the decoy stuff." Users choose what they want to use each space for. And both have the same features, in and under the hood.
One crucial constraint, then: someone inspecting the app shouldn't be able to tell that someone is in the decoy, even if they *know* about the existence of ghost mode itself.
But I ran into an issue with Apple's purchase history.
The original set up would make Ghost Mode a paid feature and the decoy would appear, in the app, as under free tier, where Ghost Mode is locked.
Then, all free tier users would give paid users in the decoy plausible deniability. Is this person truly free tier, without ghost mode, or someone with ghost mode in use? You wouldn't be able to tell.
But I soon discovered that Apple's purchase history in iOS is permanently visible, and you can't do anything about it. So someone could quickly find the receipt and see that, although the app shows as free tier with ghost mode disabled, the user had an active subscription. Cover blown. Plausible deniability gone.
After a couple days of failing to come up with a solution, I feared that Apple had made the feature impossible. I was up late one night, trying to figure out another way. And then, at 3 AM, laying in bed, an extremely simple solution popped into my head. And it worked.
Now, even if someone knows about darkfolio, and that it enables decoys, they can't be sure the app is displaying a decoy without significant resources.
Darkfolio
Darkfolio — Track Everything. Reveal Nothing.
A portfolio tracker that can
