Hej,

And welcome to this series of articles about a recent feature Roam Research has released this weekend: end-to-end encryption. I will explore why encryption is so important, how it works, how secure it is (as far as I can judge at the moment), how you encrypt your graph, how you verify that the encryption is working, and last but not most minor, whether the encryption has an impact on performance or not.

Why is encryption so important?

Let’s start with a short explanation of how Roam Research stores your data. All the blocks you write or import are stored in an indexed database in your browser, and if you are using a remote graph, this will be periodically synced to Roam Research’s servers.

When you upload media, like pdf, images, videos, or other files, they will be uploaded to Google’s firebase storage servers using a randomized, ten characters long filename. The extension will stay the same. The file has no other protection. If an attacker knows or guesses the URL, he can access t…