by jayloofah 474 days ago
Are the documents encrypted? Is privacy a focus? One major reason that people want to move away from Google Docs and Notion is because of their very invasive privacy policies.

They are not, and while basic privacy and security is definitely a focus (making sure random external people can't get access to your docs and account), end-to-end encryption and privacy is not. There are tools that focus on that that seem great. I think Proton Mail has a product in that space, and https://docs.fileverse.io/ seems interesting, and there are many more on the more Notion side. We wanted to focus our efforts on the interface and experience.

All that being said, I'd love at some point to manage to get everything end-to-end encrypted, but it'll be a big lift!

If I understand correctly, you’re doing the sync client-side, meaning you don’t need the payload in cleartext server-side. In that case, it should be relatively straightforward to generate an encryption/decryption key and put it into the fragment part of the URL, so that the server doesn’t see it, and encrypt all payloads with it.
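
The scheme suggested in the comment above, as an added example that is not part of the original thread or the project's code: a random key travels only in the URL fragment, and each payload is sealed before upload. It uses Node's `node:crypto` so it runs offline (a browser client would use Web Crypto); the AES-256-GCM choice, the `docs.example` URL and all function names are assumptions.

```javascript
const nodeCrypto = require('node:crypto');

// Build a share link whose fragment carries a fresh 256-bit key.
// Browsers do not send the part after '#' in HTTP requests.
function newShareUrl(baseUrl) {
  const key = nodeCrypto.randomBytes(32);
  return `${baseUrl}#k=${key.toString('base64url')}`;
}

// Recover the key from the fragment; reject anything that is not 32 bytes.
function keyFromUrl(shareUrl) {
  const fragment = new URL(shareUrl).hash.slice(1);
  const encoded = new URLSearchParams(fragment).get('k');
  const key = Buffer.from(encoded || '', 'base64url');
  if (key.length !== 32) throw new Error('missing or malformed key in fragment');
  return key;
}

// The URL the client actually requests from the server: fragment stripped.
function serverRequestUrl(shareUrl) {
  const u = new URL(shareUrl);
  u.hash = '';
  return u.toString();
}

// Seal one sync payload: fresh 96-bit nonce, document id bound as AAD so a
// ciphertext cannot be replayed into a different document.
function sealPayload(key, docId, payload) {
  const iv = nodeCrypto.randomBytes(12);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  cipher.setAAD(Buffer.from(docId, 'utf8'));
  const body = Buffer.concat([cipher.update(JSON.stringify(payload), 'utf8'), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), body]).toString('base64url');
}

// Open a sealed payload; throws if the key, document id or bytes do not match.
function openPayload(key, docId, sealed) {
  const raw = Buffer.from(sealed, 'base64url');
  if (raw.length < 28) throw new Error('sealed payload too short');
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, raw.subarray(0, 12));
  decipher.setAAD(Buffer.from(docId, 'utf8'));
  decipher.setAuthTag(raw.subarray(12, 28));
  const plain = Buffer.concat([decipher.update(raw.subarray(28)), decipher.final()]);
  return JSON.parse(plain.toString('utf8'));
}
```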

There's actually a fair amount going on server side. For one, we have server authoritative sync. There's a lot of mutations that would be tricky to reason about in purely p2p sync, and just applying them to an authoritative source makes that a lot simpler (and is what lets us use Replicache!). Beyond that though we have a bunch of features, custom domains, polls, RSVP blocks, that depend on us being able to control permissions.

It's definitely possible to do all of this in a p2p context, but it's much harder and increases the complexity a ton. It also makes it harder to be fast; you're naturally increasing the amount that needs to be done client side, and server rendering is out the door. There's a bunch of client-side editors that I think are great, and end-to-end encryption is definitely something I want to work towards, but it's out of scope for us right now.