Good on you for seeing a problem and making something to solve it!
That said, I'm a bit confused about the use case. Wouldn't it be simpler and more secure to have all the encryption occur on the client side, and have the server be a dumb encrypted blob store?
Put another way, I think OpenADP tries to solve the problem "I don't trust hosting providers in any single sovereign nation" by splitting the trust between multiple nations; whereas it seems like it would be even better not to trust any of them.