GSoC 2026 Proposal Draft – Idea 7: Support for encrypted notes and notebooks – Kshitiz Jain

Links


1. Introduction

Hello everyone, I am Kshitiz Jain, a 2nd-year Computer Science Engineering student from India.

My primary experience is in full-stack web development, particularly using React, Next.js, Node.js, TypeScript, and FastAPI. I have also recently worked with Generative AI workflows and developer tools.

I have prior open-source contribution experience through Hacktoberfest 2025, where I contributed 6+ merged pull requests to the Supertinyicons repository.

I am very interested in building secure, user-centric software systems, which is why this project strongly resonates with me.


2. Project Summary

This project aims to introduce password-protected encrypted notes and notebooks in Joplin.

Currently, notes are immediately accessible once the app is opened. However, users may want to protect highly sensitive notes such as passwords, financial details, personal journals, or confidential work notes.

The proposed solution will allow users to:

  • encrypt individual notes using a password

  • optionally encrypt full notebooks

  • securely decrypt content only after password verification

  • protect associated resources where applicable

This feature will significantly improve privacy and local data security for users.

Expected outcome

  • note-level encryption

  • password prompt UI

  • decryption flow

  • encrypted storage format

  • optional notebook-level support (if feasible)

Out of scope

  • cloud sync encryption changes

  • cross-device key recovery

  • enterprise key management


3. Technical Approach

Architecture

The feature will primarily involve:

  • React / TypeScript UI

  • password modal / unlock flow

  • encrypted note storage layer

  • secure password-based key derivation

  • note decryption on access

Cryptographic approach

I plan to use standard cryptographic libraries, most likely the Web Crypto API or a well-tested TypeScript cryptographic library.

Possible flow:

password
   ↓
PBKDF2 / key derivation
   ↓
AES-GCM encryption
   ↓
encrypted note storage
   ↓
password-based decryption

Changes to Joplin codebase

  • note editor access flow

  • note storage / retrieval pipeline

  • UI for lock / unlock

  • optional notebook-level encryption

Potential challenges

  • safe key derivation

  • ensuring no plaintext leaks

  • handling note previews

  • mobile compatibility

Testing strategy

  • unit tests for encryption / decryption

  • wrong password scenarios

  • integration tests for note lifecycle

  • persistence tests

Documentation

  • user documentation

  • developer notes

  • security assumptions


4. Implementation Plan

Week 1–2

  • codebase familiarization

  • understand note storage flow

  • finalize crypto library choice

Week 3–4

  • implement note-level encryption engine

  • password-based key derivation

  • unit tests

Week 5–6

  • build lock / unlock UI

  • secure decryption flow

  • wrong-password handling

Week 7–8

  • resource encryption

  • note preview protection

  • additional tests

Week 9–10

  • optional notebook-level encryption

  • UX refinements

Week 11–12

  • documentation

  • bug fixes

  • integration tests

  • mentor feedback iterations


5. Deliverables

At the end of the project, the following will be delivered:

  • note-level encryption

  • password prompt UI

  • tests

  • documentation

  • optional notebook encryption

  • secure storage workflow


6. Availability

I am available for 8–10 hours per week during GSoC.

During my exam period, I will be available for 1–2 hours per day for lighter tasks.

Time zone: IST (UTC+5:30)

I do not have any major conflicting commitments beyond the exam window.