Privacy question about using TiddlyWiki with Node.js in Termux (Android)

For context, I am currently using encrypted single file TiddlyWikis in Android through Tiddloid app and Vivaldi browser.

To be honest, so far I don’t know if either Tiddloid or Vivaldi compromise the privacy of data by dumping TiddlyWiki content as unencrypted plain text into some of their internal cache files for example. This is still in my TODO list, I have to research it. If anybody knows more - comments are very welcome.

I’ve recently learned that it is possible to install Node.js in Termux and I’d like to know if it’s possible to use TiddlyWiki through Node.js with one separate file per each tiddler, so all those files are always saved encrypted to disk/external media. Of course, the concern about eventual leaks of plain text data (see above) still applies. And obviously, I want to have the options to import an encrypted single file wiki and also export back as encrypted single file wiki.

Found this ten years old issue which is related to my question No encryption in node.js client-server mode · Issue #1073 · TiddlyWiki/TiddlyWiki5 · GitHub

When an encrypted single file wiki is loaded by the browser it will be decrypted as soon as you enter the password. It is in plain text in the browser memory. I don’t think that browsers do cache any site content in plain text in external files.

Hi @vuk the point about the security of browser caches is a reasonable one, and it is not my domain to be able to answer it definitively. However, for my own purposes I find it is reasonable to be fairly confident that modern browsers do not leak plain text when working with an encrypted wiki. The reason is that modern banking now relies on the security of browsers, and so if browsers did leak it would have a devastating global impact. That logic isn’t iron clad, but it gives a high degree of comfort.