I was wondering how/where Cryptomator stores its config files/stored webdav credentials on android, and are they protected/encrypted in any way from viewing outside the application itself.
Scenario. (Tin foil hat question!)
I have 2 email accounts.
me@google is very public. I use this with my android phone/apps, expecting google and any 3rd party app with privileges (eg get_accounts) to know how and where I use this. I have no expectation of privacy here, its linked to my phone number / social media apps etc.
me@secure is very private. I use this with a limited set of ethical people/providers. I keep it well clear of facebook/google etc. For this reason its never signed in from my android phone.
One of my cloud providers is registered with my secure email address.
If i create a https://webdav.myserver.com:443 account Within cryptomator for me@secure , is this email address or webdav password exposed in any way to the underlying android OS or file system?