Hey everyone, week 2 update.
This week was mostly about backend pieces that will later make note locking possible. Nothing user-facing yet, but path underneath is starting to take shape.
The main thing i worked on was the local encryption key. This key is separate from Joplin’s normal sync encryption keys. The simple version is: locked note needs its own key path, and unlocked key should only stay in memory while it is needed.
I also worked on the note save/load path. When local encryption path is used, note body should be saved encrypted on disk, and then turned back into readable text only when the app has the right unlocked key. One important detail here is note history. If a note is locked but an old readable copy is still sitting in history, then it is not really protected.
I opened an early draft of this backend work here: All: Add key path and gated note save/load for local note encryption by keshav0479 · Pull Request #1 · keshav0479/joplin · GitHub
mrjo already gave helpful feedback on the structure, especially around keeping local encryption code clearly separated from the existing note model code. I’m adjusting the branch around that now.
I also spent time testing less visible parts: wrong passwords, expired unlocks, broken encrypted data, and making sure normal sync still behaves.
More next Friday 
more frequent updates are here: Local note encryption / Keshav