Implementation of Jumble Journal Integration with reMarkable 2

Security First Architecture

Tony Oreglia

In this integration an email is sent from reMarkable to a private email address provided to users of Jumble Journal.

Jumble Journal is a React SPA web-app. The backend is built using AWS Serverless tools.

Upon receipt of the email, AWS Simple Email Service (SES) automatically forwards it to a Simple Notification Service (SNS) topic which is consumed by a Lambda Function. The Lambda stores the email body in S3. The S3 file is encrypted using AWS Key Management Service (KMS). The Lambda function has exclusive access to this encryption key. The text is never logged or stored in plaintext.
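The Lambda step described above could look like the following sketch. It is an added example, not Jumble's code: the Python runtime, the bucket name, the KMS key alias, the object key layout and the Base64 encoding setting on the SES SNS action are all assumptions.

```python
import base64
import json
import logging
from email import message_from_bytes, policy

log = logging.getLogger("inbound")
# Hypothetical names: the post gives no bucket, key alias or object layout.
BUCKET = "example-inbound-entries"
KMS_KEY_ID = "alias/example-inbound-entries"

def extract_body(raw: bytes) -> str:
    """Return the text/plain part of a raw RFC 5322 message."""
    msg = message_from_bytes(raw, policy=policy.default)
    part = msg.get_body(preferencelist=("plain",))
    if part is None:
        raise ValueError("no text/plain part")
    return part.get_content()

def handler(event, context=None, s3=None):
    """Lambda entry point for SES receipt notifications delivered via SNS."""
    if s3 is None:  # create the real client only when none is injected
        import boto3
        s3 = boto3.client("s3")
    stored = []
    for record in event["Records"]:
        note = json.loads(record["Sns"]["Message"])
        if note.get("notificationType") != "Received":
            continue
        # Assumes the SES SNS action uses Base64 encoding for "content".
        body = extract_body(base64.b64decode(note["content"]))
        key = f"inbound/{note['mail']['messageId']}"
        s3.put_object(
            Bucket=BUCKET, Key=key, Body=body.encode("utf-8"),
            ServerSideEncryption="aws:kms",  # SSE-KMS
            SSEKMSKeyId=KMS_KEY_ID,
        )
        # Log identifiers and sizes only, never the entry text.
        log.info("stored %s (%d chars)", key, len(body))
        stored.append(key)
    return stored

def sample_event(text="Dear diary"):
    """Constructed SNS event wrapping a constructed SES notification."""
    raw = f"From: a@example.com\r\nSubject: note\r\n\r\n{text}\r\n".encode()
    note = {"notificationType": "Received",
            "mail": {"messageId": "constructed-id-1"},
            "content": base64.b64encode(raw).decode()}
    return {"Records": [{"Sns": {"Message": json.dumps(note)}}]}
```

Restricting use of the key to the Lambda's role, as the post describes, is done in the KMS key policy and is not shown here.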

The next time the user logs in to Jumble, the entry is decrypted and returned to the client app. It is immediately re-encrypted with the user's private encryption key. This key is derived from the user's master password, which never leaves the browser. Jumble is built with a client-side encryption architecture, so no one is able to read your journal entries. Even the engineers at Jumble have no possible way to decrypt your entries, since the decryption keys never leave the browser. We believe in full data ownership.

See the Jumble Security White Paper regarding the client-side encryption architecture.

Try it out! I’ve written a quick guide.

For those interested, there is an explanation of the motivation behind this feature.

Thanks for reading! I hope you’ve found something useful or interesting here.

Tony Oreglia

Fullstack Software Engineer living in Lisbon. I write about coding and productivity. I'm building a secure journaling space at https://jumblejournal.org