Interest GSoC'24 | Saurabh

GSoC
1

Hello Joplin Community,

Hope you're all doing awesome! I'm writing to express my interest in participating in one of the following projects:

  • Native Encryption
  • Rich text editor on mobile

Having worked extensively with React Native and JS, I believe I am well-equipped to tackle the technical challenges associated with this project. Please share some more insights on the project.

Saurabh.

2

Hi!

On all platforms, Joplin currently uses sjcl for its end-to-end encryption. SJCL is much slower than native encryption, and this can lead to performance issues and UI freezes. Additionally, Joplin only supports end-to-end encryption (no at rest encryption).

Ideally, we would like to:

  • Migrate to a faster encryption library.
    • On desktop and CLI, we can use the encryption libraries that come with NodeJS.
    • On mobile, we would like to either use native encryption APIs or use a well-maintained encryption library.
  • Use this new encryption library to decrypt existing master keys (or migrate existing master keys?)
    • One of the issues with the current encryption method is slow startup on mobile when decrypting master keys. On some devices, each master key takes more than one second to decrypt.
  • Still be able to decrypt/encrypt using old encryption methods.

This closed pull request adds an encryption method based on a JavaScript/WASM version of the libsodium encryption library. Native encryption would likely involve modifying similar files and encounter similar issues (e.g. key length).

There are a few other things related to encryption that could be done, but might be outside of the scope of the original project suggestion:

  • Support at-rest encryption for a particular set of notebooks.
  • Decrease the size of encrypted data on the Joplin sync target. (Currently, the encrypted data is base64-encoded, which is less memory-efficient than saving binary data).

Currently, the mobile app only has a markdown editor (see packages/app-mobile/components/NoteEditor/). The desktop app has both a markdown editor and a rich text editor (see TinyMCE.tsx).

The desktop rich text editor is based on an old version of TinyMCE with customizations to support things like checklists.

For maintainability reasons, ideally both mobile and desktop would use the same rich text editor library. As such, although using a newer TinyMCE version on mobile could be good, the underlying code should be written in a way that it could later be enabled on desktop. Alternatively, it could make sense to adjust the existing TinyMCE code such that it can run on mobile.

2 Likes