I really, really don’t want the time of the devs sidetracked into a wild goose chase after a level of security that will never be possible.
Undoubtedly there will be plugins that use a database, and maybe cloud storage. Users will have to decide whether they are happy to do this or not. Judging from requests and the popularity of Roam many will be.
Think of Apple’s approach. Total control of all hardware. High prices. Downloads through Apple Store with 30% to Apple. All largely underwritten by the insanely profitable iPhone. And still security holes emerge.
Obsidian will never be able to approach this level of security and it’s much more honest to say that Obsidian itself keeps data locally itself, that users have to be responsible for the security of their local files. And that they will have to make their own judgements about plugins.
And for the devs to spend their time developing mobile apps, wysiwyg and other core features.