The current Joplin encryption strategy aims to protect the confidentiality of information on the network and this is certainly a good thing.
However, if I lose my mobile phone or my laptop is stolen, the passwords of the bank account become available! Do we want to call this "confidentiality"? It is a pity that Joplin's excellent work is undone by this paradoxical naivety. When any one opens Joplin, the encrypted notes must not be readable unless the user knows the key to decrypt them. It doesn't seem difficult!
Don't you think it is necessary to change the current strategy? Tell me if you plan to change please because the solution is simple: I can do a couple of routines to locally encrypt the notes to be saved and synchronized and to locally decrypt the ones I want to read. Python has a great library for doing this!
PS. I read a post in the forum in which the user claims to have forgotten the encryption key but this did not create any problems for him because he just continue working as if nothing happened! Didn't Joplin strategists blush reading this post?