Encrypted data storage

Hi, awesome app!

Unless already done, it will be really good if all spaces for all or paid users are stored in your database encrypted to keep them private internally as well. This is important for business use-cases.

@pirijan, do you have any plans for this?

2 Likes

Thanks Nick!

It would be nice to have, but tbh it’s an extremely long-term thing, if that. I’m not sure how e2e works with collaboration (it’s easy to conceptualize if it’s just you and the server). Also business-wise not having e2e hasn’t been a significant blocker for trello’s b2b plans.

3 Likes

To clarify, by business-wise I mean kinopio selling to businesses. But of course lots of businesses (and people) have legit needs/desire for e2ee. I won’t be able to meet that particular need for some time tho

2 Likes

A note about this was added to the help site: Encryption (kinopio.club)

1 Like

I can’t comment on the implementation details. I have absolutely no idea how it would work. But, would it make things easier to adopt client-side E2EE, perhaps with one of those open-source JS libraries for it, at the Spaces level? Encrypting one disables sharing. A bit of a mix between both approaches.

I’m a little wary of having some spaces support encryption and some don’t and instead collaboration/sharing from two angles:

  1. technical maintenance: there’s a lot of edge cases in any kind of syncing, and supporting two very difference transmission schemes means I’ve doubled the surface area of potential bugs
  2. user friendliness: having to explain to the user about the two modes with specific advantages and tradeoffs sounds like it would introduce a lot of confusion and awk to the user experience
  3. demand: From the mainstream popularity of notion and similar tools that are also used in large enterprise environments where you’d think they’d be the most sensitive, IRL it seems like E2EE loses to collaboration and convenience for all but the most hardcore users
1 Like