#Dioxus fullstack secure communication

I'm thinking of switching my tech stack over to Dioxus, but first, I want to see how people would solve one concern I have with data being called from front/back end. I currently use DuckDB-WASM with React for business intelligence dashboard services, and the single-thread restrictions in WASM bottleneck the data processing. However, it is very secure because data is inserted over encrypted files, and the user can't inspect the data because the processing happens in the user's browser, so no http calls are made between front/back. How can I secure the data with Dioxus front/back end communication so that users can't just inspect the data in the browser network and copy and paste the data from http calls from DuckDB running on the backend? What would be the most efficient way that works with Dioxus: websockets w/ encryption, protobuff?

I don’t have anything to add about the actual question, but to get another thread for data processing you can look into service workers
I believe they can be used to do work in the background on another thread that won’t block your gui

Good point with service workers. I've been thinking about that. DuckDB's WASM version is working on that with future updates too. If I can use the full feature DuckDB on Dioxus's server, it could also remove the WASM container limit of about 4gb. So I can just load up everything at once.

and the user can't inspect the data because the processing happens in the user's browser, so no http calls are made between front/back
not sure if I understand this correctly. users would still be able to inspect the full JS/WASM code and all of the memory, so they'd always be able to reverse engineer the encryption and read the data unless you use something along the lines of EME and its hardware decryption stuff (though I have no idea how usable that is outside of media and without google licenses)
same would go for any encryption of communication with the backend

i understand hiding the data from 3rd parties, which can be done with established technologies like HTTPS/TLS for backend communication.
but why hide data from the user in the first place?

smells of https://en.wikipedia.org/wiki/Security_through_obscurity

so that users can't just inspect the data in the browser network and copy and paste the data from http calls from DuckDB running on the backend
if you exposed your DuckDB and want to prevent users from running arbitrary queries, while your public frontend is able to generate arbitrary queries via some algorithm, you should rethink your architecture, as it's pretty much impossible to do securely.
usually you wouldn't expose your databases directly, but integrate it into your dioxus fullstack backend and expose server functions that execute controlled queries instead. that way the user has no way of getting access to the database or executing queries against it, even if they can read all the traffic between themselves and the dioxus backend.
that way you could also prevent users from accessing data you don't want them to access