Encryption - motivation
Just saw this really excellent article about disk encryption - this explains better than I could the issues with encryption at the block layer:


This also explains the motivation for doing encryption in bcachefs: with a copy-on-write filesystem, where we can take the needs of encryption into account when we're designing it and specifying the on-disk format, we have an opportunity to do a whole lot better than the current state of the art.

In particular (and I should say this more explicitly in the design doc) - the goal is to be secure even when the disks are on network-attached storage (e.g. iSCSI), and an attacker controls the storage server. Existing full disk encryption is definitely not good enough in that situation.