search

streetwriters / notesnook

A fully open source & end-to-end encrypted note taking alternative to Evernote.
https://notesnook.com/
GNU General Public License v3.0
9.73k stars 595 forks source link

Offline decryption script for the Notesnook backup file .nnbackup #1756

Open NinjaGobbler opened 1 year ago

NinjaGobbler commented 1 year ago

What problem are you facing?

As of now, the backup works excellently with the encryption turned on. All my nnbackup files are encrypted as expected and I am unable to read the actual content. Good job on this team :) But in the future, if I lose access to Notesnook for some reason, then the encrypted backups become useless to me as an end user as I can't read it offline without decrypting it (even if I remember my account password that was used to encrypt data).

What's the solution you'd like to see in Notesnook?

As everything including the encryption and how data is handled has been made open-source by Notesnook (thanks for that) enabling users to have that independence to control one's own data keeping it safe and long-lasting, despite any extreme scenarios in this world will be a great motive to exhibit for Notesnook as a company too.

To implement this as a solution, if Notesnook can provide users with some kind of an offline decryption script (that doesn't require internet access if possible, thereby removing reliance on any particular server/entity) which would take the .nnbackup file and the account password as inputs and then after decryption, it can provide a .zip folder containing all notes and reminders as outputs in any format (like html, pdf etc).

As a user, if I have this feature I would feel safe about the fate of my data, as it will be 100% in my control as long as I have the encrypted backup file with me.

What alternatives have you considered?

An alternative to this would be to periodically use the "Export" option on Notesnook app to export notes in cleartext format (in html, txt or pdf etc) and store the .zip file somewhere securely. This way, I am opening up the attack surface of my notes and would have to additionally protect the place where exported files are stored thereby defeating the purpose and mission of notesnook which is to keep all user data safe, private and encrypted.

Additional context

No response

NinjaGobbler commented 1 year ago

@thecodrr @alihamuh @ammarahm-ed Hello champs, just following up to see if you think this is feasible to do 😃

thecodrr commented 1 year ago

@NinjaGobbler this will be fairly simple to create. I'll be happy to guide if someone wants to take this up.