I am aware of 5 security issues with Nextcloud’s e2ee. I have no idea of the status as they never replied to my reports.
- The private key of e2ee is stored on the server.
- The directory info and meta is not encrypted. This is also enabling 3 an 4.
- It was/is possible to move files manually and db actions to have to a none encrypted folder. This makes/made the desktop client move the non encrypted file and upload it to the web server in plain. So you could/can instruct the desktop client to upload all files as a malicious server.
- It was/is possible to delete files from the web client, after sync with desktop client the file was/is present unprecedentedly in the trash.
- The e2ee has a few times prevented the Nextcloud instances from updating as it was not kept up to date and prevented upgrades to new versions due to incompatibility. This issue is common with many nextcloud apps.
Additionally I am aware of several issues with double key generation causing existence of multiple key-pairs per user and making it impossible to sync files and several issues with files getting locked indefinitely.
Conclusion, it’s flawed, they don’t know what they are doing, and it is very unstable.