> Your emails and data are encrypted from the beginning with a secret phrase that never leaves your computer.

Do you use a browser plugin?

Not quite understand question. If you asking how do handle secret phrase, its used to decrypt user object, that comes from server when you login

I just realized I asked you the same question before.

If the server got hacked, could it send Javascript that steals a users password (which you say "never leaves your computer"), decrypts user data, and sends the password and the data to the attacker?

Funny, Gmail will filter any invites/emails to spam.

Obviously this is not funny. It's pretty hard to deal with gmail, today they deliver it into inbox, tomorrow into spam :( In fact, invitation for me went to spam, but personal email not :(