There is no comparison between Crypto AG and us. Our encryption occurs client-side and our cryptographic code is open source and backed by third-party audits: https://proton.me/community/open-source
One thing that might put others at ease is having a way for client-side code to NOT be automatically updated, as some view this as a type of backdoor or method that malicious code might be injected without being noticed, even if unintentional.
Do you really expect anyone to be able to answer this? How would anyone ever know before it's too late? Nobody would use it if they knew, and they know that too.