[pseudalopex]

SQLCipher encrypts the WAL.[1]

[1] https://www.zetetic.net/sqlcipher/design/

[0x426577617265]

From your source, it uses the same key:

> Write Ahead Log Files - Using the new WAL mode (i.e. PRAGMA journal_mode = WAL;), page data stored in the WAL file is encrypted using the datbase key. Pages in the rollback journal are encrypted using the same key as the main database. Verification: create an encrypted database, start a transaction, make changes, and then inspect the -wal file using hexdump or a similar program.

[pseudalopex]

So destroying the key makes both unrecoverable.

[0x426577617265]

Yes, Except the key isn’t destroyed it’s in the json file next to the main db file. Meaning user’s deleted messages could still be recovered.

Even if the user went as far as deleting the json file, it could still possibly be recovered due to the way the FS ‘deletes’ files.

[Operyl]

I think the other posters are saying it’s much easier to shred a small file than it is to shred a multiple GB database, although these days it doesn’t matter so much for a database that small. It’s super efficient for file systems though.

[pseudalopex]

Yes. And I'm talking generally. I don't know what Signal does.