Encryption for local storage​

[lifehome]

Description

Me and some teams I know are currently with Joplin, of which natively implemented the end-to-end encryption for the local storage, as well as data sync between different Joplin notes.

Seeing that AFFiNE is cloud-connected but local-first, I would want to suggest the ability to encrypt the local storage, as it is the privacy-preserving feature that allows us to have protected notes application.

I would like to suggest:

• Master password for all workspaces
• Per-workspace keypairs (and passwords for each keypair)
• Asymmetric encryption for the local notes storage
• Preferably ECC, but AES is also fine
• If passwords are saved in the application, hopefully to use libraries like argon2 to handle the hash.

Use case

Investigative Journalism creates a ton of stress for journalists, and it is very time exhausting to manage the dataset, also some news material collection could be sensitive, so adding password would be beneficial to protect leaks happening on journalists.

Currently Joplin is doing a fine job on encryption, but using it could be a mess when connecting the dots or drawing freely, the AFFiNE Edgeless Mode gives us creativity to link, write and draw whatever and however we want, much more than just a star/mesh linked map which is dull and only links up all the data with a better visualisation.

Anything else?

Likely not duplication of #3521 as the ticket there suggests password on the application, not per-workspace and all workspaces(i.e. account & application)

Are you willing to submit a PR?

• Yes I'd like to help by submitting a PR!

[EYHN]

Thank you for using Affine. The encryption feature requires further design by our product design team, and I have forwarded your request to them.

I think we can add workspace-level encryption to the local storage, which can be achieved through SQLite encryption. This might require an interaction to enter a password when opening the app.