In-reply-to » Salty.im Blob Storage - HedgeDoc -- Sanity check a design proposal I'm working with @xuu on? 🙏 Basic idea is to have a secure blob store that clients can store arbitrary files/objects to, like ratchet state that is private to the client, as well as a place to upload arbitrary files to for sharing with other users in chat.

I know it seems tedious, but you really need to go through this exercise carefully and thoroughly if you care about security. You can’t just encrypt some stuff and hope for the best–that’s hacky, and will not really help with security. There could be gaping security holes you overlooked because you didn’t think it through even with encryption.

The good news is that once you’re done, it’s a great resource to always go back to. The priority column helps you prioritize where to put development effort and what to do. It also helps you write documentation where you can tell users, with some confidence, what they can expect to stay safe and what they cannot expect to stay safe when they use salty.
