by kisamoto 806 days ago
There seems to be a lot of skepticism in the comments but I can definitely see a use-case for this (I have no relationship to the project).

Ultimately, plain text data should never reach the server and the server will never have access to decryption keys either. Row-level encryption, encryption at rest, etc. are not the same, as in those cases the data arrives at the server in plain text, which can end up in logs, can be directed to other parts of the business, or, in invisible changes, the server may just stop encrypting the data.

By encrypting client side, I - as a user - can be sure that my data can't be mined, analyzed or leaked.

I acknowledge that there is the poisoned binary attack - serving malicious JavaScript files to future visitors - but this may happen somewhere along the supply chain for any application. Whether it's an app from an app store (e.g. Signal) or a desktop app (Thunderbird + PGP), at some point updates are provided to client apps and, as we have seen recently, even dependencies of these apps are vulnerable. SRI and maybe clearly showing the version of the encryption library being used would probably go a long way. Services such as Proton also rely on JS delivered to the browser.

In short, a lot of applications could benefit from adding a layer of encryption to their data. The truly paranoid may not be happy putting their trust in a JavaScript blob, but the vast majority of people would benefit from having a little extra privacy-by-default in their lives.
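
An added example, not part of the comment above and not code from the project under discussion: a sketch of the SRI check the comment mentions, showing how a pinned integrity value rejects a modified script and what happens when the attribute carries no usable hash. The function names and sample script bodies are assumptions made for illustration.

```javascript
// Added example: SRI-style check of a served script against pinned metadata.
// Function names and the sample inputs used with them are constructed.
const STRENGTH = new Map([['sha256', 1], ['sha384', 2], ['sha512', 3]]);
const WEBCRYPTO = { sha256: 'SHA-256', sha384: 'SHA-384', sha512: 'SHA-512' };

async function getSubtle() {
  // Browsers and current Node expose globalThis.crypto; older Node needs the module.
  if (globalThis.crypto && globalThis.crypto.subtle) return globalThis.crypto.subtle;
  return (await import('node:crypto')).webcrypto.subtle;
}

// Produce an integrity token such as "sha384-<base64 digest>" for a script body.
async function sriDigest(alg, body) {
  const subtle = await getSubtle();
  const hash = await subtle.digest(WEBCRYPTO[alg], new TextEncoder().encode(body));
  return `${alg}-${btoa(String.fromCharCode(...new Uint8Array(hash)))}`;
}

// Split an integrity attribute into tokens, dropping unknown algorithms.
function parseIntegrity(attr) {
  return attr.trim().split(/\s+/).map((tok) => {
    const i = tok.indexOf('-');
    if (i < 1) return null;
    return { alg: tok.slice(0, i).toLowerCase(), value: tok.slice(i + 1).split('?')[0] };
  }).filter((t) => t && STRENGTH.has(t.alg));
}

// Mirror the browser rule: only the strongest listed algorithm is checked,
// and any one matching digest for that algorithm is enough.
async function verifySri(attr, body) {
  const tokens = parseIntegrity(attr);
  // No usable metadata means nothing is enforced, so the script would load.
  if (tokens.length === 0) return { ok: true, enforced: false };
  const best = Math.max(...tokens.map((t) => STRENGTH.get(t.alg)));
  const strongest = tokens.filter((t) => STRENGTH.get(t.alg) === best);
  const alg = strongest[0].alg;
  const actual = (await sriDigest(alg, body)).slice(alg.length + 1);
  return { ok: strongest.some((t) => t.value === actual), enforced: true, alg };
}
```

The check only helps when the page carrying the `integrity` attribute is itself delivered from somewhere the script host cannot modify.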