How would encryption even make sense here? Up to the server, everything is protected via TLS. And if you don't trust the server provider, you can encrypt all you want, but they can just read out the RAM of the VPS or they could have backdoored the bare metal hardware to do the same. As long as the server has to somehow work with the data in question, the decryption keys have to be somewhere in there. And what do you mean by code integration? We're talking FOSS here, how could someone prevent me from removing any "is everything encrypted?" checks in Mastodon? Also, what does the encryption on other federated instances even matter? Without having any in depth knowledge about Mastodon, your user agent will hardly be sent to other instances, and when and what you posted is meant to be visible.

I've used it quite extensivly, big fan. It asks for further details on objects that have already been mapped, which also reveals things that don't exist anymore. It turns mapping into a really fun game with currently 163 different quests. The app also regularly asks you to verify opening hours or confirm the existence of certain objects. That being said, I almost always use it in conjunction with a real map editor, to add new stuff I find or to make more complex edits.

What's missing from the existing ones?

That's what I've been using for a few years now, with SimpleCalendar (soon Fossify) on my phone. Didn't have any problems yet.