NOTE: This post/feature request does not involve the Logseq Sync feature in any way! This feature request will only be of interest to a small fraction of Logseq users who want their graph encrypted on their local disk at rest.
The removal of the inbuilt local encryption feature is a good move, maintaining any encryption feature requires immense resources and opens any app to many different attack vectors. (see: Deprecation of on-disk encryption) All of the Logseq teams resources regarding encryption will be put towards the end to end sync encryption.
For anyone that requires local encryption of their notes at rest, this feature request is for you.
Putting your Logseq graph into a VeraCrypt container is the best way forward, that way you know that the code encrypting your local files is purposely designed and maintained for this purpose.
However there are currently some issues with this setup due to Logseq and require fixing.
Logseq creates a large file in
~/.logseq/graphs that contains your graph in plaintext.
For people that want to use VeraCrypt this file makes any local encryption null and void!
If your files from your VeraCrypt container are being written in plaintext to the disk in this graphs folder, you might as well not be using any encryption applications at all.
Feature Request: An option in
config.edn that tells Logseq to put this graphs file in a specific folder. I suggest a
.graphs folder inside your Logseq graph/notes folder to keep things simple.
This option could be:
That way the graphs folder for the graph/notes will always be encrypted with the rest of your notes.
According to this option, any other tmp files that contain notes content, should either be disabled or moved to perhaps a
.tmp folder inside your graphs/notes folder.
For anyone that uses git, ensure
.tmp are ignored.
Feature Request (expanded): Basically an option that when enabled, moves the
~/.logseq/graphs/xxxxx.transit file for your graph into a
.graphs folder inside your graph/notes folder, so that everything is self-contained, and thus anyone locating their graph/notes inside a VeraCrypt container will no longer have to worry about Logseq writing all of their notes in plaintext to these various tmp locations.