[crispyporkbites]

Subresource integrity means you could trust Eve in some cases. Also if Eve provides a script tag from a trusted CDN it could work. You would have to check it every time though.

What might help is a browser extension that tracks changes and allows you to “lock” into a version of a website.

[e12e]

Technically Sri only reduces the amount of trusted data you need to keep around; you'd need an index.html that loads gpg.js and a js client that talks to a server (eg: jmap or a bespoke jsonapi that allows getting/sending mail).

This is pretty much what browser extensions do; bottle up some hypertext resources, signed and versioned.

You still have three obvious threats: local superuser can read application memory etc; your local user can read your memory and any browser compromise/bug can likely read your browser/session data.

The real question is if the browser sandbox is ever likely to be good enough that you don't have to worry about a font file from a compromised website about kittens reading your email in another tab.