Comment by SahAssar

This relies on the browser, and it's not even setting relevant browser security features like CSP. It also loads scripts from multiple domains like umami.is and esm.sh, includes google fonts. It uses vercel for hosting.

So you are trusting at the very least the author, umami, esm.sh (including the authors of all of those packages) and vercel.

This is not how you code a security-sensitive app.

There also is a database, it's just indexdb/localStorage in your browser.

It's an old idea to use in browser static pages to encrypt data, this solves none of the problems with the idea, but is just glitzy AI-written marketing copy.