↳ In-reply-to » Salty.im Blob Storage - HedgeDoc -- Sanity check a design proposal I'm working with @xuu on? 🙏 Basic idea is to have a secure blob store that clients can store arbitrary files/objects to, like ratchet state that is private to the client, as well as a place to upload arbitrary files to for sharing with other users in chat.

@prologic@twtxt.net the proposal does not include a threat model nor a discussion of how the proposed encryption protects against threats. What exactly is the purpose of encrypting the contents other than the fact that other software encrypts stuff? Why is a new blob request signed?

There is a statement

This implies that it is not possile for other clients and users to access another’s blob store as all requests are signed by the client’s private key, verified and used to construct the path(s) on disk.

Does it? Has that property been verified?