Marking this suggestion as rejected, the lack of E2EE is confirmed here:
Hi, yes, currently on iOS only the
export to filebackup is encrypted by custom password. The iCloud backup is encrypted, but using a constant key.
The guidance posted by the developer in that same thread to enable Advanced Data Protection is incorrect, because ADP will not encrypt CloudKit fields that aren’t marked as encrypted values by the developer. Since 2FAS iCloud Backup is enabled by default and not E2EE, this tool doesn’t meet our criteria:
- Must not sync to a third-party cloud sync/backup service.
- Optional E2EE sync support with OS-native tools is acceptable, e.g. encrypted sync via iCloud.
ente Auth is probably our next best option on iOS, so we’ll be prioritizing that discussion from now on.