I’m currently trying to implement a shared DAG with end-to-end encryption. The structure of the DAG (the “edges”) does not have to be encrypted (it consists of random UUIDs anyway) but the actual value of the “nodes” has to. And, since it’s “end-to-end”, any intermediate servers (e.g. Y-WebSocket) will not be able to decrypt anything.
Encrypting plain and boxed values is trivial, but I would also like to use Y.Text for concurrent editing and still encrypt any contents.
What is the currently recommended way to solve this problem? Will I have to implement my own “encryption-savvy” variant of Y.Text? Should I encrypt the whole Y.Doc? If the latter: where will I have to insert my encryption/decryption code?
[Edit] What currently came into my mind because it was mentioned in another post: encrypting/decrypting doc updates would sound elegant (would the current Y.WebSocket be compatible with such an approach?) - but is there a “hook” where I could add encryption/decryption to a Y.Doc before any update is sent to a provider/after an update was received from a provider?
[Edit] I reread the docs (it’s been quite a while since last time) and came to the following solution:
- custom implementations of providers are needed (as normal ones are directly bound to a Y.Doc)
- on the sender side: Y.doc.on(‘update’,…) may be used to get informed about updates. These may then be encrypted as needed and passed to any providers
- on the receiver side: providers will receive the encrypted update which may then be decrypted and applied to the receiver’s Y.Doc
This sounds feasible but would require custom providers
Thanks in advance for any hints!