Encrypted Data Storage #8

@Pertempto

Description

Background

In general we don't want to have the liability of storing our users' data, but in some situations I think the convenience factor of having data easily synced across devices is going to force us to store data on our servers if we want people to actually use our apps.

Goals

When we do store user data, I think we should aim for a few things:

  • anonymized
    • as system admins, when we access the file storage we should not be able to easily tell whose files are whose
  • encrypted
    • we should aim to store the data in such a way that we cannot access the data, even with direct access to the files. Everything should be encrypted by a key only known by the user
    • for convenience, we can look into ways of storing the key on the user's device so that they don't have to enter it every time they access an app, but we should be very careful to make sure that is done in a secure way

Ideas

  • Create a dedicated repo called files
  • Create a dedicated service on files.kwila.cloud that handles files for the apps that require it
  • The files service should have an API which apps can make requests to for saving and loading files
    • The v1 API could be SUPER simple
      - GET https://files.kwila.cloud/api/v1/files/:uuid
        - get an encrypted file by UUID
        - the decryption obviously must happen on the client side in order for the file contents to actually be private
      - POST https://files.kwila.cloud/api/v1/files/:uuid
        - save an encrypted file by UUID
        - we need some auth token for verifying that they are the original owner of the file, so that not just anyone can access it
      - POST https://files.kwila.cloud/api/v1/files
        - create a new file entry. return the UUID and auth token
  • Research existing systems that we could build on
    • Even if we build our own system from scratch, we should use other systems for inspiration

Other Notes

I'm sure there are systems out there that we can build on for this. It's an important thing to at least get the basic system in place before we go crazy implementing apps. We can always improve it later.
