data privacy mode
I want to build an app where every data stored in Convex needs to be treated very carefully and ideally cant even be seen by the owner of the program (us/me). Is there a mode where I can't access the production data only the users?
The other option would be to encrypt it manually.
6 Replies
Do you mainly want to hide the data in the dashboard, or do you completely want to hide the data from yourself/your team?
If the former, we're working on adding this option to hide the dashboard data, although I don't know about timeline.
If the latter, then the concern is beyond the dashboard. you would want to guard against writing a query that reads data, pushing it to prod with
npx convex deploy, and running it to read the data. In this case you would want some form of end-to-end encryption (like https://stack.convex.dev/end-to-end-encryption-with-convex but there are other methods involving key exchange)End-to-End Encryption with Convex
Implementing end-to-end encryption on top of Convex to build a secret-sharing app.
Ok, thank you, since I want the user data to be 100% safe I will try the e2e encryption route
Cool! The article on e2e encryption might not be the pattern you want. I recommend looking up Diffie Hellman if you're not familiar with key exchanges
And let us know how it goes 🙂 . I've been meaning to write up a more complex e2e pattern in an article or component
yeah, i think I will orientate myself on the signal protocol, but I think I have to make my own library since the use of this lib outside of signal is unsupported
I want to build the first post quantum secured messaging app built on top of convex