Is it possible that when importing an encrypted database from iCloudKit, DT would not recognize it as being a sparse image and copy its content into a non-encrypted database ? How to prevent this ?
are you syncing or up- and down-loading databases from Apple’s CloudKit servers?
Yes, this is possible and also by design.
The sync data isn’t in a sparse image so you can import it as an unencrypted database or an encrypted one.
If you want it to be an encrypted database on the importing machine, you need to import it as an encrypted database, including specifying the size and encryption key on that machine.
What’s the process ? Do I create an encrypted database locally and force the remote to sync with it ?
Do I create an encrypted database locally and force the remote to sync with it ?
You Control-click the database in the Remote section of the Databases list for the sync location, and choose Import Encrypted Database.
Alternatively, you simply copy the (closed) database from device 1 to device 2 (e.g. using Airdrop, a USB stick, external drive etc.), open the database on both devices and the set up sync.
(Your suggested solution wouldn’t work, btw - databases are identified via their ID rather than their name, so a database created on the second device would not sync with a database of the same name on the initial device; it would have a different ID.)