$300 - encrypt data

[louis030195]

please do not start working on this task until we have some clarity on the specific subtasks to be done

can you suggest different "milestones"?

random things i think of:

• encrypt data at rest and somehow still be able to query (look how supabase/pgsql does it)
• encrypt data in http requests
• bitwarden or crypto wallet like you need a password or fingerprint to open screenpipe
• native apple, microsoft, OS encryption feature (vault etc)

any other feature that increase security (better PII removal ...)

also if anyone know how hard it would be to implement this in rust: https://github.com/mediar-ai/screenpipe/tree/main/examples/python/local-llm-pii-removal

then we can write down subtasks accordingly and start the bounty!

/bounty 300

[linear[bot]]

MED-177 $300 - encrypt data

[algora-pbc[bot]]

💎 $300 bounty • Screenpi.pe

Steps to solve:

1. Start working: Comment /attempt #466 with your implementation plan
2. Submit work: Create a pull request including /claim #466 in the PR body to claim the bounty
3. Receive payment: 100% of the bounty is received 2-5 days post-reward. Make sure you are eligible for payouts

Thank you for contributing to mediar-ai/screenpipe!

Add a bounty • Share on socials

[Saturn225]

@louis030195 After reviewing the Screenpipe repository and considering security requirements, here is a detailed breakdown of the proposed milestones and subtasks for encrypting data in my mind

Milestone 1: Data at Rest Encryption

• Encrypt MP4 files on disk as soon as they are written using AES or similar encryption methods
• Implement database encryption to secure sensitive data stored locally following examples like Supabase or PostgreSQL for queryable encrypted data
• Provide a way for users to unlock/decrypt files programmatically using native OS features like Apple’s Secure Enclave or BitLocker.

Milestone 2: Encrypt Data in HTTP Requests

• HTTP requests are encrypted using SSL/TLS and consider additional payload encryption for extra security
• Test and validate all encrypted transmissions to ensure no data is exposed during transport.

Milestone 3: Bitwarden/Crypto Wallet-like Security

• Implement a password/biometric authentication system (e.g., Apple/Windows APIs) for users to unlock encrypted data.
• Design a secure key management system to store encryption keys

Milestone 4: OS-Level Encryption Integration

• Use native OS encryption features like Apple Secure Enclave or BitLocker to enhance security.
• Implement fallbacks for unsupported OS by utilizing Rust-based encryption libraries.

Milestone 5: PII Removal & Data Obfuscation

• Integrate a PII detection and removal tool to sanitize sensitive data before storage.
• Implement logging mechanisms to flag detected PII and ensure its removal.

Milestone 6: Investigate Rust for Encryption & PII Removal

• Make Some research, explore and document Rust libraries for encryption e.g. RustCrypto and PII removal.
• Provide a proof-of-concept implementation showing Rust’s performance benefits for these tasks.

[Saturn225]

For a $300 bounty, implementing all six milestones might be too ambitious as each milestone could involve significant research, coding and testing . Maybe we can tackle other milestones in follow-up issues if considered.

After reviewing the effort involved, I propose focusing on two tasks that are feasible within the bounty scope. Here's the breakdown of tasks I am thinking to do if it aligns well

Task 1: Encrypt Data in HTTP Requests

This is as outlined above

Task 2: Investigate Rust for Encryption & PII Removal

• Research Rust libraries that support encryption and PII removal.
• Document the feasibility and complexity of implementing these libraries in Screenpipe.
• Provide initial examples for proof-of-concept code to show how Rust could handle encryption/PII removal.