by cfadvan 2914 days ago
But... why? If this isn’t peak “because we fucking can, that’s why,” then what is?
2 comments

Came here to say this. Why? What defect of password managers can you possibly be fixing by adding a global trustless append-only ledger to it?
Instead of trusting a third party to protect your credentials, you're trusting an auditable, open source platform. I can't see myself using it for anything important, but I understand the draw.
Any password manager that does the encryption stuff in offline, open-source software and puts it on any untrusted storage provides that, with the difference that it does not require making your encrypted copy public for all eternity, exposing it to unnecessary risk of compromise down the road.
There are risks either way. There have been plenty of vulnerabilities in popular password managers (some that also apply to this blockchain model). But I think your AES encrypted password being publicly visible is a pretty low risk, compared to a PW manager being breached, having a flaw in the client, their being coerced by government, etc.
How is this project any less at risk for those client-side implementation risks you mention? Basically, why should this nascent project be trusted over, say, KeePass?
On reflection, this is probably not as stupid as it sounds.

The point is using blockchain to store your (encrypted) data. It's not feasible to backup everything this way, but a list of passwords is short enough.

If all you do is open source and the only things you need to back up privately are passwords, this way you can avoid having your own backups at all.

But why would a blockchain be any better than a peer-to-peer filesystem, for example?

Also, it seems like a really bad idea to have your encrypted passwords open for anyone to have a crack at - any flaws in the b.lock encryption protocol or implementation could have disastrous consequences. Unfortunately I wasted some minutes of my life looking into their encryption, and it's bad (not using authenticated encryption, using a malleable encryption mode (CTR), directly encrypting secrets with your wallet private key...)
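To make the last point concrete, here is an added example (not b.lock's code, and not AES) that models CTR mode with an HMAC-SHA256 keystream: a byte edit to the unauthenticated ciphertext silently rewrites a field of the decrypted record, while an encrypt-then-MAC wrapper rejects the same edit. Keys, nonce and the vault record are constructed.

```python
import hashlib
import hmac
import os

# Constructed model of CTR mode: keystream block i = HMAC-SHA256(key, nonce||i).
# This is NOT AES and is not b.lock's code; the malleability shown below comes
# from CTR's XOR structure, so it applies equally to AES-CTR.
def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def ctr_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Encryption and decryption are the same operation in a stream cipher.
    return bytes(d ^ k for d, k in zip(data, keystream(key, nonce, len(data))))

def rewrite_field(ciphertext: bytes, offset: int, old: bytes, new: bytes) -> bytes:
    # Without the key, XORing (old ^ new) into the ciphertext makes the
    # decrypted plaintext read `new` instead of `old` at `offset`.
    mutated = bytearray(ciphertext)
    for i, (a, b) in enumerate(zip(old, new)):
        mutated[offset + i] ^= a ^ b
    return bytes(mutated)

def seal(key_enc: bytes, key_mac: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    # Encrypt-then-MAC: the tag covers nonce and ciphertext (an AEAD gives the same guarantee).
    ct = ctr_xor(key_enc, nonce, plaintext)
    return nonce + ct + hmac.new(key_mac, nonce + ct, hashlib.sha256).digest()

def open_sealed(key_enc: bytes, key_mac: bytes, blob: bytes):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key_mac, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None  # tampering detected: release nothing
    return ctr_xor(key_enc, nonce, ct)

def demo():
    key_enc, key_mac, nonce = os.urandom(32), os.urandom(32), os.urandom(16)
    record = b"site=bank.example user=alice pw=hunter2"  # constructed vault entry
    off = record.index(b"user=") + len(b"user=")       # layout is guessable from a public schema
    # 1) unauthenticated CTR: the edit goes through silently
    tampered = rewrite_field(ctr_xor(key_enc, nonce, record), off, b"alice", b"mallo")
    unauth = ctr_xor(key_enc, nonce, tampered)
    # 2) encrypt-then-MAC: the same edit (offset shifted past the 16-byte nonce) is rejected
    blob = rewrite_field(seal(key_enc, key_mac, nonce, record), 16 + off, b"alice", b"mallo")
    return unauth, open_sealed(key_enc, key_mac, blob)
```

Running `demo()` returns the silently altered record first and `None` second, which is the difference between a malleable mode and an authenticated one on a ciphertext anyone can read and republish.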