This is good! As I said in another post, the reason I posted this here was to get feedback and improve. All of these points are excellent and I will address them and get back to you.
- This is symmetric encryption via AES-GCM, but asymmetric should work similar
- In-browser randomness (for key generation) is somewhat questionable, so try to read more about this topic
- This is meant as an intro to the topic - real security takes much more, like thinking about secure key storage, backup/recovery keys, etc.
