@DeNotulist That is interesting. And, if I were storing highly sensitive information, I would definitely want to keep that in mind. This is beyond my expertise, and I may be wrong, but like @DeNotulist mentioned, the open sourcing of the part of Obsidian Sync that establishes the vault password could possibly be a very reasonable feature request to create.
I already use Sync for some things. To me, if something like this were implemented, it would be an unnecessary yet still appreciated gesture from the developers. Again, I don’t understand this enough to assess whether this piecemeal strategy would even be feasible to create or effective in the end to quell this type of concern. For all I know, adding something like this very well might open the door for additional risk. Why not create a request? And, if it made sense to the developers and enough potential Sync users, it may be a net benefit for all.
Thanks.