How does Codebook protect the password blob?

In light of recent disclosures about Lastpass, could you point me to a writeup about how Codebook protects the password blobs that are saved on Dropbox or Google drive?

Hi @yunamc

Thank you for your support of Codebook and for posting to the discussion forum with this question.

There’s some additional information on how Codebook stores your changes when syncing on this page: Codebook Help - Sync Replication

Specifically this portion calls out the information I think you’re asking about:

When it’s time to sync, Codebook writes groups of these changes out to small encrypted SQLCipher database files we call shards that are then exchanged with the sync service in use. Each is encrypted using your Sync Key.

Let me know if this answers your question, and if there’s anything else I can do to assist. Thanks!