SQLCipher Encryption Configuration - Meander - Peer Mentor Platform

Infrastructure medium complexity mobile

Dependencies

Dependents

Entities

Integrations

Description

Bootstraps the SQLCipher encryption key used by the Drift database at app startup. Retrieves or generates a device-bound AES-256 key from the Flutter secure storage (platform keychain on iOS, Android Keystore on Android), ensuring the local database is encrypted at rest and the key is never stored in plaintext.

Feature: Offline Data Support

sqlcipher-encryption-config

Responsibilities

Retrieve existing encryption key from platform secure storage on app launch
Generate and persist a new AES-256 key on first run if none exists
Provide the resolved key to the Drift database open call
Handle key migration scenarios across app reinstalls where the keychain entry survives

Interfaces

getOrCreateEncryptionKey(): Future<String>

rotateKey(newKey): Future<void>