So this prevents a man in the middle style attack... and many other attacks. Sounds like an awesome feature to try out!

I don’t get it; Supabase still has your key, what’s stopping them from using it to decrypt and then read the data?

Vault and auth are Supabase best features. I cam from a tech risk background in a regulated entity. The alternative would be to use Hardware Security Module or Key Management Server like Amazon KMS, so having this natively integrated within SB is a great way for secure key management

this is really cool! i'm following the concept, but can y'all provide an example of safely accessing a secret from the client-side js lib (like from a website)?

when will this be available?

I have a question... I created a table with an encrypted column, and gave pgsodium_keyiduser permission to authenticated users. Using the API, I can now save into the table "normally", but I get encrypted values when reading from the table. How am I supposed to decrypt the column? Am I supposed to make an RPC, that does this? Or are there some built-in methods in the API that do it for me?

this is great! ty

And this is different from using `$ supabase secrets`?