Obsidian is an awesome tool, been using it daily since a few weeks. I wanted to start subscribing to the Sync feature but have a few concerns. Doing end-to-end encryption properly is hard. As Obsidian is not open-source (and I understand the reasons for that) it’s a black box that we have to trust. A few questions to alleviate my (and potentially many other users’) concerns - I apologize if some of this has already been discussed.
How is the end-to-end encryption implemented? What algorithm is used?
How is the key generated and how is it stored?
How is it ensured that it never leaves the local device?
Did you do an independent, external audit by a specialized company and if yes, have you published the report?
Thanks for all your work, I’m looking forward to many years of using Obsidian & Sync.
Could the sync protocol be described in any more detail? AES-GCM is generally fine, but there are gotchas. It would make me feel better to know how nonces are generated, how keys are generated and stored locally, and what metadata if any isn’t encrypted.
Thank you for Obsidian Sync, by the way. I am absolutely loving how seamless it is.
I’d like to second the request for more detailed information here. Aside from the encryption, I’m missing any kind of information on conflict resolution. How will Obsidian deal with conflicting changes made from different devices? The documentation only mentions conflicts between Obsidian sync and third-party tools.
In particular, I get what @onenote already mentioned:
As Obsidian is not open-source (and I understand the reasons for that) it’s a black box that we have to trust.
but I don’t see how the business model depends on keeping the sync algorithm secret.
I’ve been thinking of subscribing, but given the lack of information on the topic, for now I won’t. (The annual billing mode doesn’t really encourage testing the feature, either.)
I’m a bit paranoid in this regard though: There’s lots of software that claims to have fully automatic conflict resolution. I’m pretty sure that this is a very hard problem, however, and there will be cases where it breaks down (cf. merging in version control systems for example). I’d very much prefer occasionally resolving a conflict manually than always wondering whether Obsidian might mess up my notes when I don’t sync up instantly and two vaults diverge too far.
That’s great to know! (Even though it seems overly expensive tbh.) It wasn’t exactly obvious to me on the pricing page at Pricing - Obsidian (which simply redirects you to a login page when clicking “Buy”).
I couldn’t find too much additional information with regards to Obsidian’s encryption and have one follow-up (or, rather repeated) question in particular, which I hope shouldn’t be too complicated but seems quite important to me:
Where is the end-to-end encryption key stored? Apparently, it’s not stored within the OS’s credential manager, if I looked it up correctly.
Ideally, storing my vault within a locally encrypted container (e.g. a VeraCrypt container) should also protect my end-to-end encryption key. If it can be accessed by anyone who knows my user password, that additional layer of local security would not be worth a lot.