Serve encrypted images in Vault Notes

9 votes

As described at, it is implausible that an actor could discover Amplenote images, but there is the potential that an Amplenote image could be leaked if its author were to share the image URL somewhere where it could be picked up by a scraper. For this task, we could guard against this possibility by generating image data that would be E2E encrypted (with vault-password-derived key) so even if URL is guessed it would be useless (and Amplenote can't decrypt, just like with vault note content).

Under consideration security Suggested by: Bill Upvoted: 12 Apr Comments: 0

Add a comment

0 / 1,000

* Your name will be publicly visible

* Your email will be visible only to moderators