Data Encryption
In Transit Encryption
Data is always encrypted in transit using TLS — both between the client and PowerSync, and between PowerSync and the source database.
At Rest Encryption
The client-side database can be encrypted at rest using SQLCipher.
SQLCipher support is currently available for our React Native SDK through the @powersync/op-sqlite
package. See usage details in the package README:
Support for SQLCipher on other platforms is planned. In the meantime, let us know with your needs and use cases on Discord.
End-to-end Encryption
For end-to-end encryption, the encrypted data can be synced using PowerSync. The data can then either be encrypted and decrypted directly in memory by the application, or a separate local-only table can be used to persist the decrypted data — allowing querying the data directly.
An example implementation is coming soon.
See Also
Database Setup → Security & IP Filtering
Resources → Security
Last updated