Skip to content

[encryption] store keys by fileId instead of path #59345

Open
Enhancement
Open
[encryption] store keys by fileId instead of path#59345
Enhancement
Labels
0. Needs triagePending check for reproducibility or if it fits our roadmapenhancementfeature: encryption (server-side)
@mejo-

Description

@mejo-
mejo-
opened on Mar 31, 2026

Tip

Help move this idea forward

  • Use the 👍 reaction to show support for this feature.
  • Avoid commenting unless you have relevant information to add; unnecessary comments create noise for subscribers.
  • Subscribe to receive notifications about status changes and new comments.

Is your feature request related to a problem? Please describe.
In Collectives, we can have different paths to a file by user (when a user changes their user_folder user setting). This leads to inaccessible files with server-side encryption as the encryption keys are stored by file path.

Describe the solution you'd like
In order to fix this, we should switch to fileId based key storage instead of file path based key storage.

Describe alternatives you've considered

  • We could use the storage path instead for ISystemMountPoint paths, but this would come with its own problems. E.g. appdata is excluded from encryption and Collectives files live in appdata directory.
  • We could introduce a way to map different user mountpoint paths to the same encryption key path.

Metadata

Metadata

Assignees

No one assigned

    Labels

    0. Needs triagePending check for reproducibility or if it fits our roadmapenhancementfeature: encryption (server-side)

    Type

    Enhancement

    Projects

    🧑‍🤝‍🧑 Community triage

    Status

    To triage

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions