End to End Encryption

[blmhemu]

Is end-to-end encryption possible?

[AaronErhardt]

Not yet, but we're planning to introduce encryption with a rework of our storage API: #22

[blmhemu]

Thanks for pointing out the discussion. Regarding

Should the encryption be purely client-side instead? This would make things more efficient on the server side but protecting secrets like the private key inside a web application running in the web browser isn't easy.

I was thinking if something like https://www.etebase.com/ can be implemented or even better just use it as one of the backends.
Also, Etebase has first class rust SDK support. (Although the backend itself is written in python)

[AaronErhardt]

@blmhemu I don't think that etebase is suitable for encrypted storage but it's still a good inspiration for a file sync protocol. I thought it might make sense to use both client-side and server-side encryption. Of course even server-side encryption would never allow an unencrypted public key to be stored on disk and only in memory to handle requests. Yet client-side encryption is still preferable but needs client libraries to work which is not so easy to integrate into a web front-end.