Encryption at rest?

[matthiasdebernardini]

I would like to use this crate to store local data which must be confidential.

Are there plans to add encryption?

[vincent-herlemont]

@matthiasdebernardini Yes, I had thought of adding the possibility of including encryption in native_model and allowing users the choice to do their personal encryption using the custom encode/decode. But for that, I need to add the ability to pass parameters to the encode/decode function, so that you can retrieve the key, passphrase, IV, etc.

Like this, you would have the possibility to encrypt your models as you wish, or even perform other operations of your choice.

However, this only offers encryption per model, which provides flexibility but can also make it repetitive, so I'm not sure yet. It requires some design work, so if you have any ideas, don't hesitate to share! :)

NOTE: I would like to avoid having the database offer encryption functions for reasons of responsibility. The database isn't ready to be audited for security, so I prefer that the implementation be on the user's side.

[vincent-herlemont]

There might be a possibility to implement encryption on the backend side of redb. See redb/src/tree_store/page_store/file_backend/fallback.rs.

However, this is not planned in the short term, so I am closing this issue. If someone wants to propose something, a PR is welcome and this issue can be reopened.