I'm in the process of changing my note taking from Standard Notes to Obsidian, and I am trying to figure out how I can sync notes between my laptop and Android device with the notes encrypted. I thought I had the solution by encrypting with Cryptomator and syncing the encrypted vault with Syncthing. But I realized that Cryptomator on Android does not work by mounting a new drive like it does on Linux, so Obisidian could not access the unencrypted files. So now I am not sure where to go from here.
My requirements:
Notes are synced both ways between laptop and phone
Does the disk encryption of Android count as encrypted at rest? If not, I think this will be a hard requirement to meet.
That aside, I'm having good luck with Synching. I think there's a bit of a learning curve setting it up, but you don't really have to touch it once you're done.
No, as I'd want it to be protected in the case someone gets a hold of the device in an unlocked state.
I found Syncthing very nice to work with, and successfully synced between my two device, so I would love to keep using it. But as it is now, I would have to sync the unencrypted files on both my devices. Not sure how it will behave if I try to sync the mounted drive on my computer, if the vault is locked.
My only guess is that you could maybe use Termux to set up a gocryptfs mount that Obsidian could use, but I'm not sure if that would work or not. gocryptfs encrypts files physically on the drive, but exposes them unencrypted under a transparent logical mount.
Edit: DroidFS uses gocryptfs in the backend, maybe that would be easier.
I have been thinking through this exact problem in the past few weeks. Let's write back with what we come up with! I'm going to explore the DroidFS suggestion.