Comment by socketcluster

Yep. Then you run into the issue of where to store the secret encryption key.

Security researchers always need to give an answer whenever there's a security incident and the answer can never be "too much centralization risk" even when that is the only reasonable answer. You can't remove centralization risk.

IMO, the future is; every major centralized platform will be insecure in perpetuity and nothing can be done about it.