Your data is end-to-end encrypted with ente. Meaning, they are encrypted with your keys before they leave your device.
These keys are available only to you. Meaning only you can access your data else where.
What follows is an explanation of how we do what we do.
When you sign up for ente, your app generates a masterKey for you. This never leaves your device unencrypted.
Once you choose a password, a keyEncryptionKey is derived from it. This never leaves your device.
Primary Device
During registration, your masterKey is encrypted with your keyEncryptionKey , and the resultant encryptedMasterKey is then sent to our servers for storage.
Secondary Device
When you sign in on a secondary device, after you successfully verify your email, our servers give you back your encryptedMasterKey that was sent to us by your primary device.
You are then prompted to enter your password. Once entered, a keyEncryptionKey is derived, and the client decrypts the encryptedMasterKey with this, to yield the original masterKey.
If the decryption fails, the client will know that the derived keyEncryptionKey was wrong, indicating an incorrect password, and will surface this information to you.
Since only you know your password, only you can derive your keyEncryptionKey.
Since only you can derive your keyEncryptionKey, only you have access to your masterKey.