I was thinking more in the direction of general data like health records, or so.

But you are right, the above does not mention or solve multi device use. If your device is lost, how is this solved? Or how to sync between devices.

If you want instant online sync, you need your keys online. Yes. You are right. But that is less safe. And if you store your keys encrypted with your nsec, your not in a better position as you mentioned either.

I would differentiate between 2 solutions:

- Generally the data is local, you "just" sync between devices. Basically SyncThing.

- Generally the data is online, and you can access it from anywhere around the world. Basically NextCloud, OwnCloud, etc.

I think, Signal protocol and MLS in general deals with sending information in an encrypted manner with ephemeral keys, that are only used for one message, and then thrown away. So DMs are handled as local approach. It is encrypted in transit with a throwaway key, then locally it can store it with a different key again. How the history sharing is done, I am not sure, but probably done like SyncThing, and has to be only done once, because new messages are already sent to the new device.

I was thinking in the direction of the data online scenario.

What if, we combine my outlined expectations with MLS.

1. You have a main device, that encrypts data, every event with a different key, and stores it on relays. Keys stay only local.

2. When introducing a new device, you setup a double ratchet with other device, and send every generated new key to the other device.

Then encryption keys stored on relays will have the properties of MLS.

So basically your data is online approach, your encryption keys are local approach.