Large strings cannot be stored in securestorage, and must be chunked.

[Asday]

https://github.com/expo/expo/issues/1765

Size limit for a value is 2048 bytes. An attempt to store larger values may fail. Currently, we print a warning when the limit is reached, but we will throw an error starting from SDK 35.

https://docs.expo.io/versions/latest/sdk/securestore/

[Cretezy]

This is definitely going to be an issue. I will rework this to use AES to allow large blobs soon. Thank you for rising this issue

[Asday]

I was thinking of a much cruder solution:

• in setItem(), store the size of value / 2048 as key, then chunk value to 2048, and store as key[x];
• in getItem(), get the size of the value from key, then retrieve that many chunks, and concatenate them;
• in removeItem(), get the size of the value from key, then delete key[0-n].

[Cretezy]

I don't think chunking is the right solution, it would create a lot of overhead and would be must less efficient

[Asday]

I'm not sure implementing one's own encryption would align with the name of the repo - encrypted by expo or by us, storing large amounts per key in securestore isn't possible.

I may be misunderstanding.

[Cretezy]

The usual solution for storing encrypted data on mobile is this (see other libraries implementing the same pattern):

• Create AES key, store it in the secure OS store (this library stores data in the secure OS store, just need to store the AES key instead of the data)
• When saving data, encrypt it with said key and save it to disk (it is encrypted, and disk has no file limit)
• When fetching data, fetch the AES key from the secure OS store, then read disk data and decrypt it

I will create an extension to this package when I have time to allow for this pattern

[leviathanbeak]

@Cretezy so should we just wait and ignore the warning for now or ?

[Asday]

Depends on your case and environment. You should get an idea of how much stored breaks your intended audience's environments, and how much you're likely to store at most.

If it's looking risky for you, consider helping @Cretezy out with his describe AES solution, or switching to a different storage solution and sacrificing the security.

[thargenediad]

We eagerly await the new extension, @Cretezy!

[istvan-szilagyi]

We couldn't wait anymore for the new extension, so we created our own package which works as @Cretezy told it should (so big credits for him on the idea).

https://github.com/neverdull-agency/expo-unlimited-secure-store

[Cretezy]

@istvan-szilagyi This is great! I'm sorry for being a little bogged down recently.

If you'd like, create a PR with the information in the README.

[uxxman]

any update on this?

[xmflsct]

Thank you @istvan-szilagyi ! I have switched to use your library.

[bleedingAyush]

Guys, you don't need to use this package at all. Just go to the project's main repository and copy the two files index.d.ts and index.js and then make a folder name redux-persist-exposecurestore in and then use it.

[Asday]

@Ayush6543 that is exactly using this package, you're just cutting out the NPM step (and taking the responsibility of transpilation).

Also that does absolutely nothing to fix the issue.

[bleedingAyush]

@Ayush6543 that is exactly using this package, you're just cutting out the NPM step (and taking the responsibility of transpilation).

What is transpilation?

[abdul-megadraws]

Install: @react-native-async-storage/async-storage

Instead of expo-secure-store

Hope it will clear warning message! Will solve issue.