What does HackerNews think of sqlcipher?

SQLCipher is a standalone fork of SQLite that adds 256 bit AES encryption of database files and other security features.

Language: C

Passkeys: The beginning of the end of the password | May 2023
Expand Context ↕
> Cloud sync (encrypted!) is important because your average user needs that convenience and durability of authenticator

Local-only iOS+macOS Codebook sync (open-source encrypted! by SQLCipher) provides password and TOTP convenience, durability, transparency, decentralization and fewer supply chain dependencies with one-time purchase. Founded in 2005.

https://www.zetetic.net/codebook

https://github.com/sqlcipher/sqlcipher
SQLite the only database you will ever need in most cases | Apr 2021
Postgres is better in the I-need-concurrency case -- I think it's the greatest RDBMS that's ever been made and would like someone to prove me wrong some day.

SQLite's amazing too though, when you don't need concurrency (and most websites don't really -- especially the ones that should be scaling vertically instead of horizontally).

Anyway here's some cool SQLite stuff:

- https://github.com/CanonicalLtd/dqlite

- https://github.com/rqlite/rqlite

- https://datasette.readthedocs.io/en/stable/

- https://www.sqlite.org/rtree.html

- https://github.com/sqlcipher/sqlcipher

- https://github.com/benbjohnson/litestream

- https://github.com/aergoio/aergolite

- https://sqlite.org/lang_with.html#rcex3

- https://github.com/sql-js/sql.js

- https://www.gaia-gis.it/fossil/libspatialite/index

- https://github.com/h3rald/litestore

- https://github.com/adamlouis/squirrelbyte

- https://github.com/chunky/sqlite3todot

- https://github.com/nalgeon/sqlite-plus/

- https://www.sqlite.org/json1.html#jsonpath

Signal Desktop is corrupting its database | Feb 2021
Expand Context ↕
They encrypt the DB via SQLCipher: https://github.com/sqlcipher/sqlcipher

Not sure how reliable and resilient SQLCipher is but that might (significantly?) increase the risk for a bug/corruption to occur. And the encryption certainly makes the analysis more difficult (while, at least on GNU/Linux, I don't see any advantage as the encryption key is stored unencrypted in ~/.config/Signal/config.json - not sure if other Desktop platforms support secure keystores like on Android and iOS). I briefly tried to analyze my corrupted DB but quickly gave up as I'm not familiar with SQLCipher and basically only got a generic "Error: file is not a database" error message when trying to decrypt it (and there's no plaintext header IIRC so it looks just like random data).

I also had multiple backups of the SQLCipher DB that I could successfully access manually but I was unable to use them for Signal-Desktop (not sure if this was due to some other Electron DBs/state, the stateful Signal protocol, or something else - IIRC the only hint was the "Database startup error: Error: SQLITE_NOTADB: file is not a database" message that didn't really help much).
SQLite as an Application File Format (2014) | Jun 2020
Expand Context ↕
The "officially blessed" (my wording) encryption for SQLite is SEE (proprietary):

https://www.sqlite.org/see/doc/release/www/index.wiki

There are third party encryption approaches for SQLite. One of the most popular is SQLCipher:

https://github.com/sqlcipher/sqlcipher/

Those two don't have compatible file formats. eg no interoperability

Not sure if any others do, but yeah it would be handy if there are.