Comment by misnome

FWIW unless they are outright lying this is a choice, one of the choices when setting up a vault is E2E that you have to enter whenever setting up a new sync, but they are really clear that if you lose this password you are at the whims of your own backups.

They do also publish the “verify the encryption steps” for this.

Of course, depending on your threat model this could be insufficient, but then you probably wouldn’t trust obsidian in the first place.