Kin69 / EasyNotes

EasyNotes: Jetpack Compose MVVM for seamless note-taking. Effortless creation, editing, and organization.
GNU General Public License v3.0
395 stars 30 forks source link

[BUG][Enhancement] Backup corrupts vault | New Settings options #105

Closed HarriBuh closed 3 months ago

HarriBuh commented 4 months ago

Required Information

Steps to Reproduce the Bug

  1. Open App

  2. Click on the lock icon in the search bar to secure/encrypt all the notes with a password

(2.1 Recognise all notes are now encrypted)

3a. (NOT stopping it!) Leave the app

3b. Manually stop the app

4.Open the app again

5a. Recognise all the notes are still encrypted

5b. Recognise all the notes are now DEcrypted again

6a. Click on the lock icon

7a. Recognise all notes are now decrypted without getting asked for that password again

Expected Behavior

The app should ask for the password before decrypting the notes, not do it without. This means encrypting the notes is worthless right now.

Strongly Recommended Information

Screenshots

Screenshot_20240716-153459.png

Smartphone Information

Kin69 commented 4 months ago

@HarriBuh The lock icon does not encrypt your current notes. Instead, it opens a folder where any new notes you save will be encrypted. By default, when you open the app, it shows unencrypted notes. Clicking the lock icon again prompts for a password. If the password is correct, it will attempt to encrypt the notes in the folder.

The "Invalid encrypted data format" error occurs because the app is trying to decrypt notes that are not encrypted, or because the password is incorrect.

I tried replicating the issue on the same device, and it worked for me without showing the error. I need to know if you installed the app as new or migrated from an older version. If you migrated, was it from a nightly build or version 1.2.5?

Also have you used backup?

serrq commented 4 months ago

1.3 it doesn't work properly.

https://github.com/user-attachments/assets/f50d26a7-8f5e-49a4-be06-5a3e233d6d97

Kin69 commented 4 months ago

@serrq The system supports both encrypted and unencrypted notes. To create an encrypted note, you need to do so within the vault. Regular notes are displayed upon entering the application. To view encrypted notes, you must re-enter the vault.

serrq commented 4 months ago

I already set the encrypted vault.

Kin69 commented 4 months ago

Here is tutorial how to create encrypted note: Also this is same device and os as @HarriBuh used

https://github.com/user-attachments/assets/d6cb3352-39b2-46b4-841d-79b1e6378048

serrq commented 4 months ago

It is too much complicated dev. Make it more intuitive. I didn't understand anything.

serrq commented 4 months ago

I want set "encrypted vault". Stop. All is encrypted.

Kin69 commented 4 months ago

Alright, I’ll recode it, probably tomorrow. If it doesn’t get accepted by IzzyOnDroid or F-Droid, I’ll include it in version 1.3

serrq commented 4 months ago

No problem. Take your time (I am not sure if this is a proper expression in English, I am not native).

tsiflimagas commented 4 months ago

@Kin69 I'm not sure what are you planning on by saying you'll recode it, but if it's to make it as @serrq says, I strongly disagree. A user with proper perception will be confused if when he taps the lock icon all his notes become encrypted, because that won't be what he'll expect. It is rational as it is. You tap the lock, you're navigated to the encrypted folder. If one wants to encrypt non encrypted notes, what would make sense imo would be to add an option to move notes in the vault.

As for the issue the author reports, I think what's happening is that the app tries to decrypt notes from the existing database. Starting with no data I can't seem to reproduce the issue, but with my existing notes/database, when opening the vault all my notes are shown there and it seems that they get corrupted.

issuant commented 4 months ago

The current UX is bad and too easy to 'forget' to activate.

But I will go even further than @serrq and say there should only be encrypted notes going forward, especially once a password is set. This would be in line with other note apps. What is the point of having unencrypted notes anymore at all? Bad for user privacy and prone to bugs.

Kin69 commented 4 months ago

Yes, this feature is already available on Izziondroid, and I have no intention of removing it. The term "Vault" implies that there are both standard and vault options. By "recode," I mean adding new settings that become available once you enable the Vault feature. For example, options like "Open Vault by default" or "Encrypt current notes" would allow you to encrypt all existing notes and automatically redirect to the Vault, providing full access to Vault functionalities.

@tsiflimagas Regarding corrupted data, there is currently a bug when trying to access the vault after recovering via backup or migrating from some nightly builds.

If anyone has suggestions for improving this functionality or ideas better than adding these two settings, please let me know before the update is finalized.

serrq commented 4 months ago

As I can try the newest version, I can think about new settings. I need to try it.

issuant commented 4 months ago

If anyone has suggestions for improving this functionality or ideas better than adding these two settings, please let me know before the update is finalized

The lock icon in the search box from the video is a bit ambiguous. If I updated the app and had not seen that video, I would have assumed it was an app lock button unrelated to encryption (like what exists on Telegram, if I understand it correctly).

My suggestion would be to replace it with a warning icon of some sort and have it only show up when encryption is not turned on so that users are informed their current settings are unsecure.

HarriBuh commented 3 months ago

Any news/ updates on this issue, @Kin69 ?

Kin69 commented 3 months ago

@HarriBuh, I've completely overhauled the vault functionality to operate on a more robust logic. While the UI remains unchanged, the underlying data handling should now prevent any loss or corruption. Since I can't reproduce the error on my end, I'd appreciate it if you could test it on your device and let me know if everything works as expected. You can find the updated version in the nightly build.

Kin69 commented 3 months ago

I’ll be closing this issue as the vault functionality should now be working correctly. If anyone encounters any errors in the new version, feel free to reopen the issue.