Currently, data is currently encrypted on the Realm client device but stored unencrypted in MongoDB Atlas.
I would like to implement Zero-Knowledge encryption, where the service provider does not know the content of the data, with field encryption for actual data.
The private key would be generated on the device and not stored on the server, only accessible to the user.
It is unclear if this is possible with the current version of Atlas Device Sync/MongoDB Atlas.
Ideally, I would ensure that the data on the device remains accessible for search queries while logged in, and synchronization will not be affected by encryption.
I’ve seen this post on Stackoverflow which mentions possibly using 2 databases - one synced with Realm and one not.
Is there a feasible approach for encrypting the data with a private key before it is sent to the server for synchronization?