Encrypting data on firestore on a per user basis


Saad Attieh

Feb 24, 2021, 12:02:50 PM
to Firebase Google Group

Hi,

Just wondering if there is a common design pattern for the following with regard to Firestore:

I have multiple users, with Firestore rules to control what they can and cannot read. Is there a way I can encrypt sensitive data belonging to a user such that if the document was accidentally delivered to the wrong user, say due to a bad rule, the wrong user would not be able to read the values? Ideally, each user would have their own key, used to encrypt their uploaded data, but with the key stored separately. I don't need/want end-to-end encryption; in fact, the backend should have access to this store of keys. Just the idea being that as long as the key was not compromised, data uploaded by the user could not accidentally be leaked.

Mehmet Efe Akça

Mar 7, 2021, 10:57:50 AM
to Firebase Google Group
If database rules are your concern and you trust your backend, you could just write Cloud Functions that handle the encryption-decryption process and have a global app secret that's stored in Functions Config or similar. Your clients would call the functions to get the data and functions to set the data. Or you could have your independently-hosted backend do this.

My personal recommendation would be to write your own test suite for your rules and test all of your Firestore rules before pushing to production. That's a much cheaper and better solution than writing your own encryption-decryption mechanism.
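
Added example, not part of the thread and not code from either poster: a sketch of the backend-side scheme discussed above, combining the per-user keys asked for in the question with the single app secret suggested in the reply. It derives each user's key from the secret with HKDF and encrypts fields with AES-256-GCM using Node's built-in crypto module. The function names, the stored-value layout, the AAD format and the sample paths are assumptions made for illustration.

```javascript
const { hkdfSync, randomBytes, createCipheriv, createDecipheriv } = require("node:crypto");

// Constructed stand-in for the global app secret; a deployed function would
// load it from its secret configuration, never from source code.
const APP_SECRET = randomBytes(32);

// Per-user AES-256 key derived from the one app secret with HKDF-SHA256.
// uid must come from the caller's verified auth token, not from request data.
function userKey(uid) {
  return Buffer.from(hkdfSync("sha256", APP_SECRET, Buffer.alloc(0), `field-key:${uid}`, 32));
}

// Binding owner and document path as AAD makes a ciphertext copied to another
// document, or decrypted on behalf of another uid, fail authentication.
const aad = (uid, docPath) => Buffer.from(JSON.stringify([uid, docPath]));

// Returns base64(iv || tag || ciphertext), the string stored in the Firestore field.
function encryptField(uid, docPath, plaintext) {
  const iv = randomBytes(12); // fresh 96-bit nonce for every write
  const cipher = createCipheriv("aes-256-gcm", userKey(uid), iv);
  cipher.setAAD(aad(uid, docPath));
  const ct = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), ct]).toString("base64");
}

// Throws if the key, owner, path, or stored bytes do not match.
function decryptField(uid, docPath, stored) {
  const raw = Buffer.from(stored, "base64");
  if (raw.length < 28) throw new Error("stored value too short");
  const d = createDecipheriv("aes-256-gcm", userKey(uid), raw.subarray(0, 12), { authTagLength: 16 });
  d.setAAD(aad(uid, docPath));
  d.setAuthTag(raw.subarray(12, 28));
  return Buffer.concat([d.update(raw.subarray(28)), d.final()]).toString("utf8");
}

// Constructed scenario: a bad rule hands alice's document to bob, who then
// asks the backend to decrypt it under his own authenticated uid.
function leakedToWrongUser() {
  const path = "users/alice/private/profile"; // constructed sample path
  const stored = encryptField("alice", path, "constructed sensitive value");
  try { decryptField("bob", path, stored); return "readable"; }
  catch { return "rejected"; }
}
```

A client that reads the raw document through a faulty rule only sees the base64 blob, since the secret never leaves the backend. The rules test suite recommended in the reply is still needed, because this protects only the fields that are actually encrypted.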
