Open blmhemu opened 3 years ago
Not yet, but we're planning to introduce encryption with a rework of our storage API: #22
Thanks for pointing out the discussion. Regarding
Should the encryption be purely client-side instead? This would make things more efficient on the server side but protecting secrets like the private key inside a web application running in the web browser isn't easy.
I was thinking if something like https://www.etebase.com/ can be implemented or even better just use it as one of the backends. Also, Etebase has first class rust SDK support. (Although the backend itself is written in python)
@blmhemu I don't think that etebase is suitable for encrypted storage but it's still a good inspiration for a file sync protocol. I thought it might make sense to use both client-side and server-side encryption. Of course even server-side encryption would never allow an unencrypted public key to be stored on disk and only in memory to handle requests. Yet client-side encryption is still preferable but needs client libraries to work which is not so easy to integrate into a web front-end.
Is end-to-end encryption possible?