Found this question with DDG and also interested in answer. E2E encrypted notes in public Git repo

I’m not sure if someone will answer over there as that would mean reviewing the crypto, which is not an easy task. For the record, I’ll copy the comment I’ve left over there:

I did try to follow industry standards when I’ve implemented E2EE. Additionally, the crypto has recently been audited and as a result various improvements have been made. I’m planning to post a summary of what the cryptographer found and what changes were made soon.

2 Likes

But to answer your question: storing the encrypted notes on a public repo. While the content of the note might be secure, you can still leak information with a public repo, such as:

  • The size of the notes
  • Which ones you frequently change
  • Possibly your time zone, based on when you make changes
  • How many notes or notebooks you have

Maybe none of this information is very important, but to be safe I'd stay away from a public repo.

I guess another question is: why would you even want to put your notes in a public repo to begin with? :slight_smile:

1 Like

I am not the author of the question.

The only thing in common that I use also a BitBucket (alternaive to GitLab, GitHub,...) from my company.

1 Like

@Sofie, if you are concerned with privacy of your repos and were to decide to save your notes and notebooks to one (not saying you are doing this), setting up a private repo using gittea on either an at home server or a vps (like digital ocean), is very simple.