In this meeting, the participants discuss the security concerns related to sharing sensitive documents through public URLs. They explore the possibility of securing the URLs or using tokens for downloading files to address the issue. The app is already in production and will handle approximately 50GB of files and tens of thousands of PDF files.
Several approaches are discussed for keeping the files secured. The first approach is to store the files encrypted within Zano, decrypt them inside an endpoint, and deliver the data. The second approach involves storing the files as base64 encoded strings in the database. However, both of these approaches are not scalable. To achieve scalability, external services like Uploadcare, Amazon S3, and Google Cloud Storage are suggested. These services provide locked boxes for storing files and temporary URLs for downloading them within a limited period. The participants also discuss the concerns regarding the encryption and decryption process, stating that it not only affects the CPU but also requires significant memory space, especially for larger files. They mention IPFS as an alternative for storing and encrypting large files, which can be combined with coding in Zano. In the closing minutes of the meeting, one participant seeks assistance with an array length issue related to a code implementation.
(Source: Office Hours 3/31 )
