[Metus]

Could you use something like confidential computing to attest over http(s) what software is actually running on the server? This would offer a very interesting trust model together with reproducible builds, where you could have the CPU attest over http(s) that it is indeed the code base published on Github/Gitlab that is actually running on the server and receiving your data.

[theamk]

You'd have to attest a lot of things to get this to work. Who else has the access to the database? Are there backups -- and how are they protected? Are you sure the server's private SSL key is not shared with other, non-attested servers? Are there any unsafe CDNs that are used?

You can kinda make it work with things like Protonmail which have heavy client-side encryption -- but this approach severely limits available features (for example, in Protonmail, you cannot search in message text).