Nice potential... but also challenges...
Very nice to see the transparency and the bug bounty startup. Demonstrating good practices.
Concerning the client side, I believe WebAssembly would be a good bet as well...
One principle of choice: Authentication, Authorization & Auditability which are key principles to achieve adequate governance and compliance in a business setting
- Security by design: only relying on the URL to keep a file encrypted is not thé best choice (protecting the encryption secret)
- Auditability: how to demonstrate who accessed the file (or unencrypted content)
- Authentication: how do you know "who" is the person accessing the information (unauthenticated access by design on the platform)
- Short lived links (24 hours) to enable download is perhaps short in a user to user or interactive setting, but a good mechanism to avoid brute force or unauthorized access