Most secure solution for storing sensitive data on your Coda docs.
Create new secrets, set permitted user lists and copy or decrypt the secret when needed.
Audit log recording all interactions with secrets whether it be creation, decryption or encryption.

Inspiration

Problem Statement

Like any other content and collaboration platform, Coda requires a way to create a safe and reliable space for users to create, collaborate, and share content. However, Coda can do that on the document/page level, primarily because Coda is a platform that teams use for intricate financial management, task management, and other confidential information within and across teams.

Use Cases

Coda doesn't have a way of limiting access to some aspects of a document.
Financial and confidential information can be easily exposed on users' screens.
A piece of a document may need to be shared with specific users through its lifecycle. The document then may need to be delegated to specific users depending on the content stage.

What it does

Encrypting pieces of content independently on a Coda document.
Ability to add/remove users who can decrypt and view the protected content.
Present the audit log of the encrypted content.

What we have learned

Build with Coda CLI & Coda Pack SDK
Coda formulas & templates

Challenges we faced

Data can't be stored on Coda other than on the doc itself or as authentication tokens.
No user groups available.
Packs can't include elaborate non-sync table structures. Users have to copy templates to get the doc structure.
No visualizations or custom UI.
No access to the window object.
Pack formulas can't determine who the current user is.

What’s next for CoPASS

Implement the “user groups” so the owner could share the encrypted content with a group of users instead of individual person.
Implement the “Request for access” feature so whoever needs access to the encrypted content could request permission. The owner can then review the list of requests and approve/reject accordingly.