Encrypting your data before storing it in the Adalo database

Open-sourcing a couple of new components that will let you encrypt your data before sending to to Adalo. In this video we go through a quick example of building an End-to-End encrypted chat system. The app itself is pretty crappy, but the point is to show that the data is encrypted on the server, but the users can read the messages.

** WARNING: ** Encryption is a very good thing, but it can go very wrong if you lose your private key. When designing your app, make sure you give the user the opportunity to save their private key somewhere safe, outside of the app (and never in the database). Test, test, test, and test again before shipping an app that uses encryption. Otherwise you risk your customers loosing access to all their data!

YouTube video here:

GitHub projects used:

Installation:
https://adalo.pragmaflowservers.com/install-component

As always, feel free to post issues/requests in GitHub so we can triage/enhance the components.

5 Likes

Hi @TKOTC,
You’re doing awesome! These are very useful & important components you made for us. I really appreciate your efforts.

BTW I have one more question, Do you have any components for the offline app’s database? so users can access data without the internet & speed up the app’s performance also sync data with the cloud server when the internet is available.

Take lots of love from me :heart:.

1 Like

Hi Fredy, thanks for the kinds words. I appreciate it! I hope at least some people are delivering value to people based on our work. Before reading on prepare yourself for some rambling and jargon!

To answer your question about offline access to the Adalo data and syncing offline data on connection. The answer is, without getting your hopes up, “it’s complicated”…

With the local-storage component in the video on this topic released today, if you set it to read-only and put the key to “persist:root”, you will be able able to access all of the app data offline. Adalo, in fact, is built using “Redux-Persist” which is designed to support offline data, and can facilitate sync’ing when online, as explained here

https://newbedev.com/store-data-offline-and-sync-once-online-using-react-native-and-redux-store

There is code and software concepts involved so it is not for the no-coder at heart.

Now for the let down, as a no-coder, if you set the local storage read only key to persist:root, you should hear the words “water water everywhere nor any drop to drink” in the back of your mind. In other words, you will see the data, or what looks like the data, but you will not be able to do anything with it! Perils of no-code, the cookie jar is just out of reach…

So now we understand that we can access the data offline, but we cannot use the data in adalo, so why is it complicated?

The very heart of Adalo (Apps, not web), what makes Adalo (apps) work is something called proton-runner. When you design an app in Adalo is creates a JSON file that the proton-runner knows how to convert to a react-native app. You can see the heart of Andriod and iOS apps here: @protonapp/proton-runner - npm

If you look, you will see that Adalo has changed it 452 times since launching 4 years ago, the more time and funding they get, the more often they change. The last update was 12 hours ago, they are hard at work! This makes advanced development, like offline support, hard because they can break my stuff without knowing it. Annoying for me as a developer, devastating for you as a no-coder relying on me to fix what they inadvertently broke! So I can build it, but it is hard to give a no-code component to the community that can do it without being a veteran coder.

To add more complication to it, there is not a magic component that can do it, however, there is a magic install script that can do it. With a custom component that simply has a shell script to overwrite the proton-runner with one that has offline support is doable (and has been done) but it is not something that can be released and work for everyone! It would be cheaper to build the app with AWS amplify rather than Adalo at that point.

So, in conclusion, the painful truth to your question is Yes, but it is not coming to you anytime soon (I think). I am in contact with Adalo to see if I can help make things like this possible, but needing to build my own FREE app store to get components to the community leads me to believe it might be longer that we both hope…

4 Likes

This is awesome. Great work. I have been starting to think about encryption with Adalo since my users will be storing personal logs, etc.

This is definitely technical but glad to see its starting to come together.

Side tangent. My thinking has been going web3 on things with blockchain, but haven’t even looked up anything yet. lol

1 Like

Thanks marklive!

You are in good company with my business partner @Mitch-Pragmaflow w.r.t. web3, not so much with me! Without getting into all the reasons I think that web3 is a flawed concept, I will just leave it with this one thought. Will web3 have ‘gas’ to incentivize miners to calculate the hashs? If there is gas, will that not create a multi-teir internet where people who can afford to pay gas have better access? If we both want to login to a website using our web3 identity, will I be able to pay gas fees to jump the queue ahead of you? The answer is certainly YES. This to me is wrong, decentralizing sounds provocative, but it will create a larger gap between rich and middle class/poor.

I would rather see us move towards a more democratic internet than a decentralized internet, and let’s not kid ourselves, bitcoin is centralized to a few mega farms, not everyone running mining software, in the same way big banks and big tech is.

1 Like

Hey @marklive I’ve been wondering if there are low code apps that can work with browser wallets and host smart contacts.

I believe the Web3 community is more likely to create their own rather then web2 low codes to start adopting. There is something call etherium scaffolding which seems like it might be that.

Philosophically, while I believe Steve will be right about a lot of what he says, I see new and awesome business models emerging, and while I suspect they could be done without blockchain, the new paradigm is encouraging companies to see their users as investors rather than creating separation between the two.

I see it as a step forward, or at least diagonally forward and am very interested in exploring. Imperfect as it may be.

Plus too much money is being made by people who aren’t me. I figure as long as risk is hedged and we remember that there is definitely a bubble, and that our actual predictive power relative to any market is poor at best, there’s fun to be had.

1 Like

Interesting ideas. Both you and Steve.

I’m for a decentralized era. Granted I want some kind of security measurements, but like all things, its clunky and crazy in the beginning, then when things get out of control, new problems to solve will come to light.

Idk where no-code and web3 will go, but I would assume it wouldn’t be true web3 anyways as well.