  • Showing only topics with the tag "rest".
    1. Question about REST APIs and encryption

      So I am finally starting the process of designing a personal website that can help manage and organize my finances for me.

      So obviously, the security of such data is paramount and for the heck of it, I want to design a webapp where it doesn't operate by the rules of "trust me bro" even though I will be the one designing it and most likely will be the only one ever to use it. Just want that experience of proper encryption setup.

      Also, even if I am the one operating it, I'd like to set it up so that even if the database is compromised, none of my information is.

      Skip to the bottom if you want to just see my 2 questions.

      Did some reading online, between reading when StandardNotes does encryption as well as how it does it and some basic reading into encryption

      and the importance of not having a local unencrypted database like Joplin does

      So all that got me curious how Google encrypts the user data it has and wound up reading

      and the basic take-aways seem to be:

      • utilize encryption on a field before storing it in a database so that even if the machine gets compromised, the data won't be
      • if you want to go even further, take the approach of StandardNotes, where it seems even the web server itself never touched unencrypted data it seems? Looks like all the encrypting and decrypting happens locally and only encrypted data is sent to the server
      1. But that got me curious. It can't be argued that Google is not secure. They have the best minds working there to ensure just that. And yet it's also well known that their respect for user privacy is non-existent. Which means that they've made sure to protect the data [email, Google searches, Google Docs, Google Maps history] from hackers but they can themselves decrypt at least some user data for the purpose of data collection and selling ads.
        But if Google can decrypt the data and that implies they store the keys on a server from what I can tell from my reading, how is it protected if someone malicious gains access to the database? If that person got access to the database and the keys that Google uses to decrypt the data, wouldn't that compromise the data?

      2. If I decide to design my webapp so that all the encrypting and decrypting happens locally, that means that if I were to decide to create a REST API for my application, that would also have to be taking in data in encrypted format, no? Cause if that takes it in plaintext, that means that my webserver would have to be responsible for encryption, which it needs the keys to do that with and if it can encrypt with keys it has access to, then it can decrypt too, no? Or are websites that deal with encrypted databases and have REST APIs that can take in plain text information generally coded to be using asymmetric encryption? Meaning it's different keys being used for encryption and decryption? Or is API Token the key in an encrypted format? Or have I misunderstood the whole thing?

      16 votes
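The design the post above asks about, with all encryption and decryption done on the client and a REST API that only accepts ciphertext, as an added example that is not part of the original post. It uses Node's `crypto` module to stand in for both sides; the JSON field names, `putRecord`/`getRecord`, and the choice of scrypt with AES-256-GCM are assumptions.

```javascript
const nodeCrypto = require("node:crypto");

// Client: derive a 256-bit key from the passphrase. The key never leaves the client.
function deriveKey(passphrase, salt) {
  return nodeCrypto.scryptSync(passphrase, salt, 32);
}

// Client: encrypt one record into the JSON body that is sent to the REST API.
function sealRecord(key, salt, id, record) {
  const iv = nodeCrypto.randomBytes(12); // fresh nonce for every message
  const cipher = nodeCrypto.createCipheriv("aes-256-gcm", key, iv);
  cipher.setAAD(Buffer.from(id)); // binds the ciphertext to its record id
  const ct = Buffer.concat([cipher.update(JSON.stringify(record), "utf8"), cipher.final()]);
  const b64 = (buf) => buf.toString("base64");
  return { id, salt: b64(salt), iv: b64(iv), tag: b64(cipher.getAuthTag()), ct: b64(ct) };
}

// Client: decrypt a body fetched back from the API; throws if any field was altered.
function openRecord(passphrase, body) {
  const raw = (field) => Buffer.from(body[field], "base64");
  const key = deriveKey(passphrase, raw("salt"));
  const decipher = nodeCrypto.createDecipheriv("aes-256-gcm", key, raw("iv"));
  decipher.setAAD(Buffer.from(body.id));
  decipher.setAuthTag(raw("tag"));
  const pt = Buffer.concat([decipher.update(raw("ct")), decipher.final()]);
  return JSON.parse(pt.toString("utf8"));
}

// Server (hypothetical handlers): checks the shape and stores the body as-is; it holds no key.
const db = new Map();
function putRecord(body) {
  for (const field of ["id", "salt", "iv", "tag", "ct"]) {
    if (typeof body[field] !== "string") throw new Error("missing field " + field);
  }
  db.set(body.id, JSON.stringify(body));
  return db.get(body.id);
}
function getRecord(id) {
  return JSON.parse(db.get(id));
}

// Round trip with a constructed passphrase and a constructed sample record.
function demo() {
  const salt = nodeCrypto.randomBytes(16);
  const key = deriveKey("constructed passphrase", salt);
  const stored = putRecord(sealRecord(key, salt, "txn-1", { payee: "Landlord", amount: 950 }));
  return { stored, roundTrip: openRecord("constructed passphrase", getRecord("txn-1")) };
}
```

A dump of `db` yields only salts, nonces, tags and ciphertext; the record id stays in the clear because the server needs it for lookups.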
    2. Architecture for untrained software engineers (Python)

      Hey everyone,

      I've been programming for some time now but notice without any formalized education in CS I often get lost in the weeds when it comes to developing larger applications. I'm familiar with the principles of TDD and SOLID - which have helped with maintainability - however still feel that I'm lacking in the ability to architect a properly structured system. As an example, I'm currently developing a Flask REST API for a website (just for learning purposes). This involves parsing an HTML response and serializing the result as JSON. I'm still quite unclear as to structuring this sort of thing. If any more experienced developers could point me in the right direction/offer up their opinion I'd be very appreciative. Currently I have something like this (based - I hope correctly? - on Uncle Bob's clean architecture).

      Firstly, I'm defining the domain model, i.e. the structure of the API response. Then, from outside in.

      1. Infrastructure (Flask): User makes request via interface (in my case a request to some endpoint)
      2. Adapters: request object checks if the request is valid (on the way back it checks if the response is valid) - Is this layer only for error handling?
      3. Repository: I'm struggling a bit here, AFAIUI this layer is traditionally a database. In my case however, where the request is valid, is this where I should handle the networking layer? i.e. all the requests to return the website source? I'm also confused given at this stage I should be returning the relevant domain model, like an ORM, but as my data is unstructured, in order to do this I need to transform the response first. Where would it be best to handle this?
      4. Use Cases: Here I transform the domain model depending on the request. For example, filter all objects by id. Have I understood this correctly?
      5. Serializers: Encode the domain model as JSON to return from Flask route.

      If you got this far, thanks so much for reading. I really hope to hear the opinions of more experienced devs who can steer me in the right direction/correct me should I have misunderstood anything.

      8 votes