edit
As of version 1.14.3 I have also introduced XChaCha20 encryption (used as default) to allow both symmetric and asymmetric encryption types.
Hi all!
Just wanted to give an update as it's been about two months since the last post I made about Jotty - see it here
We are approaching end of year and I just want to thank this amazing community for the huge support I have received, it has sincerely given me an amazing escape from a lot of shit stuff I had going on in my life (and still, unfortunately, do).
For anyone not knowing about Jotty, the tl;dr is this little snippet here from the readme:
A self-hosted app for your checklists, tasks and notes.
jotty·page is a lightweight alternative for managing your personal checklists and notes.
It's extremely easy to deploy, keeps all your data on your own server with your own file
structure (no databases!) and allows you to encrypt/decrypt your notes for your personal
peace of mind.
Last thing I want is people thinking this post is AI, so I won't give a full on sales pitch, but a bit of context is always needed I suppose lol
You can read about it more on the repo: https://github.com/fccview/jotty
And here's the website with the demo in case you want to play around with it before installing it: https://jotty.page/
Anyhow, PGP encryption has been a much requested feature, for a few months actually, but I didn't want to rush something as delicate as that, so I took my time and I think it's working pretty neatly, passphrase is never stored on the server, private/public key can be generated straight from Jotty or you can import your own/mount them from whatever folder you want on your system on read only.
There's also a ton of new features since the last post two months ago, but this is the one I'm the most excited about.
Let me know what you all think about the feature and Jotty in general and I'll see you in the comments <3
This is all actually very good feedback and a lot to take in and think about, I have no problems in admitting that something can be done in a better way and go back to the drawing board, I'll admit, I don't have much experience with neither of the methods you suggested, but a quick Google showed me a world of learning, so I have a lot of reading to do ♥️
P.s. I did read everything that was linked by u/litchralee btw and it was a very good read indeed
Now, onto the why I went for asymmetric encryption is due to the nature of the notes being files on a system rather than stored in a database, my thinking process being "I can use whatever public key I need for whatever note and decrypt them using the right private key at a later time.
Regarding the sharing, you can indeed share encrypted notes... my thinking was "you give me a public key, I use it to encrypt the note, share it with you - privately or publicly - and you can use your private key to decrypt it". Which is why there's always an option to encrypt with a different public key than the one stored for yourself, I was imagining it just like encrypted emails work frankly. I may have gone a bit too much for overkill lol
I'll see to implement additional encryption methods, if anything I'm all for choice and letting people decide what to use. There's also the very selfish answer to your question btw being that... I like PGP and I made jotty mainly for myself hahahaa
Edit
Sorry forgot to address the signing feedback, you are correct, I am not letting user sign when encrypting, I made a judgement call in favour of user experience, I will be adding an optional checkbox to sign it with passphrase and custom/stored private key when using pgp and look into implementing alternative encryption methods, if anything this conversation got me all excited to code more lol
https://github.com/fccview/jotty/issues/265 ♥️