bcachefs seems especially exciting because the built-in crypto uses authenticated encryption in the form of ChaCha20Poly1305. Most disk encryption operates in an unauthenticated mode (such as XTS) which means the ciphertext is malleable on disk. This makes it's useful only for the case of your laptop getting stolen out of your car in the parking lot while turned off, but not for many more complicated scenarios (like trusting the data once the police recover your stolen laptop). With authenticated encryption, you're able to guarantee the authenticity and integrity of your files, in addition to encrypting them. Really great. The authentication tag naturally, then, doubles as what ZFS people refer to as their "checksums". I'm watching bcachefs closely to see how it matures.
> Like trusting the data once the police recover your stolen laptop.
If that's your scenario, then you should also expect EFI-level implants or extra chips. Having authentication isn't a bad thing... just don't expect it to be enough.
The only thing you can safely use that machine for post-capture is to read a still encrypted disk image over the network.
http://bcachefs.org/Encryption/