It's also an incomplete assessment - anyway who doesn't take a backup before entering into the unknown (or inexperienced) world of new tools? - PEBKAC

If you follow the instructions properly, this issue is a non-issue.

Of course I resorted from backup. And then I stopped using the application which has such problems.

Still, after discovering that the keys were in the log file, it was definitely a “final nail in the coffin” for me.

Have you read this?

https://joplinapp.org/spec/e2ee/

Master Keys

The master keys are used to encrypt and decrypt data. They can be generated from the Encryption Service and are saved to the database. They are themselves encrypted via a user password using a strong encryption method.

These encrypted master keys are transmitted with the sync data so that they can be available to each client. Each client will need to supply the user password to decrypt each key.