Use case or problem
Plaintext local storage of vaults on mobile devices especially leads to data security/privacy issues, especially when backing up your device to cloud services.
Proposed solution
Obsidian should encrypt/decrypt vaults in local storage, wherever that is, by default.
Current workaround
Use Advanced Data Protection on iOS, ensuring iCloud Backups are E2EE; or back up locally to a Mac; not sure about Android.
Long form explanation
Local vaults are plaintext repositories of all your data. I don’t use Android but can explain the problem and a solution for iOS:
If you’re using Obsidian Sync, your local vault is probably in an Obsidian app folder in the On My iPhone folder in the Files app.
If you have iCloud Backups turned on and ADP turned off, Apple and anyone with access to their servers can read your notes. This is an issue for UK users following Apple pulling ADP. Internationally, ADP is also turned off by default, so many people may be unaware of this issue.
If you have iCloud Backups turned off, great, but if someone has your iPhone passcode, they can read your notes. Obsidian does not provide any protection of your plaintext vault.
A solution could be to use something like the Signal messaging app model for local storage. If someone has my iPhone passcode, when they try to access Signal, they’ll be prompted for another password/Face ID. Without it, my messages can’t be accessed. Messages are never stored outside of Signal’s own encrypted sandbox.
To maintain ‘true’ local storage, Obsidian could offer exports of plaintext vaults on demand from the Obsidian app interface that could be saved wherever the user wants. This is what Standard Notes does.
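A sketch of the at-rest model requested above, added as an example and not taken from the post, Obsidian, Signal or Standard Notes: each note is sealed under a key derived from an app passphrase that is separate from the device passcode, and plaintext is produced only by an explicit export. The function names, the scrypt parameters, the AES-256-GCM choice and the sample vault are all assumptions made for the example.

```javascript
// Added example: vault notes sealed at rest under an app passphrase (not Obsidian code).
const crypto = require('node:crypto');

// Constructed scrypt cost parameters for the example; tune for the target device.
const KDF = { N: 2 ** 14, r: 8, p: 1 };

// Derive a 256-bit vault key from the app passphrase and a per-vault random salt.
function deriveKey(passphrase, salt) {
  return crypto.scryptSync(passphrase, salt, 32, KDF);
}

// Encrypt one note. The note path is bound as AAD so a sealed blob
// cannot be silently moved to another file name inside the vault.
function sealNote(key, notePath, plaintext) {
  const iv = crypto.randomBytes(12); // fresh nonce for every write
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  cipher.setAAD(Buffer.from(notePath, 'utf8'));
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), body]); // iv | tag | ciphertext
}

// Decrypt one note; throws if the key, the path or the blob is wrong.
function openNote(key, notePath, blob) {
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  decipher.setAAD(Buffer.from(notePath, 'utf8'));
  decipher.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([decipher.update(blob.subarray(28)), decipher.final()]).toString('utf8');
}

// On-demand plaintext export: decrypt every note into a path -> text map.
function exportVault(key, sealedVault) {
  const out = {};
  for (const [notePath, blob] of Object.entries(sealedVault)) out[notePath] = openNote(key, notePath, blob);
  return out;
}

// Returns true when openNote rejects the input, false when it decrypts.
function rejects(key, notePath, blob) {
  try { openNote(key, notePath, blob); return false; } catch { return true; }
}

// Constructed sample vault.
const salt = crypto.randomBytes(16);
const key = deriveKey('correct horse battery staple', salt);
const sealedVault = { 'daily/2025-01-01.md': sealNote(key, 'daily/2025-01-01.md', '# Private note\n') };
console.log(exportVault(key, sealedVault));
console.log('wrong passphrase rejected:', rejects(deriveKey('1234', salt), 'daily/2025-01-01.md', sealedVault['daily/2025-01-01.md']));
```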