A step-by-step guide to independently verify that Obsidian Sync actually encrypts your data end-to-end. It explains the encryption pipeline: vault password + salt → scrypt → base key → HKDF → AES-256-GCM. Instructions cover how to retrieve your vault's salt and encryption version via the browser console, capture a WebSocket sync message from the Network tab, and then decrypt it using a Node.js crypto snippet to confirm your encryption key is working correctly.
Table of contents
How Obsidian Sync worksGetting your vault’s salt and encryption versionDecrypting dataSort: