[Solved] Bucket and folder encryption using Uplink CLI and bucket create from web browser

Hi together,

after reading the documentation I still don’t understand if after creating a bucket and folders inside it via the web interface following this tutorial https://docs.storj.io/dcs/getting-started/quickstart- objectbrowser /, end to end encryption is applied by uploading files via Uplink CLI, i have this doubt because tutorial says that “The object browser uses Server-side encryption” but in Uplink CLI tutorial say that " Every time you upload a file, the Storj DCS CLI will do all the heavy lifting - encrypt the data using end-to-end encryption" also there is a way to create new folders inside a bucket via Uplink CLI?

thank anyone who wants to answer.

Your second question: there is no such thing as a folder. The objectbrowser is cheating, it creates a hidden file called .file_placeholder.

You can do the same in uplink-cli.

echo "" | uplink cp - sj://mybucket/myfolder/.file_placeholder
1 Like

now i can save a lot of time for create new folders, thanks

1 Like

As for your first question: while you use the object browser you share your encryption key/passphrase with the Storj organization. We store it encrypted with a temporary key given to the browser single-page application. We throw it away in our backend after 3 days. But you have no real way of knowing for sure, you have to trust us!

End-to-end encryption is based on zero trust. When you use uplink or other uplink-based applications you do go back to zero trust. But at that point you’ve already shared your secret, if you want to do it consistently you should never do that.

Note that all prefixes and object keys are encrypted with your secret, so you can’t change secret after creating the folders. You’ll need to create them again with the new secret.

1 Like

so if I understand correctly, even by creating a bucket via uplink (the passphrase has been entered in the terminal) if I decide to create a folder by accessing the web interface and not through the terminal as you showed me, also in this scenario I have shared the passphrase which will be stored by storj in encrypted form for 3 days, is that correct?

Yes this is correct. You can see it easily because the objectbrowser will ask you. Nothing shady going on.