Confidentiality is my only concern in the case of malicious modification. Remember, that availability and integrity of your database can be broken without an attacker, just due to hardware problem, for example. So it is up to you to have a cold backup for such a critical asset.
Over time, the database will be composed of both
correct and corrupted entries, making it difficult
to reconstruct the damaged records from a backup.
I don't know enough about cryptography to be able to say whether it's possible to break a particular cryptographic protocol by blindly altering the ciphertext, but I do know plenty about human nature and backups. It's _highly_ unlikely that normal people keep more than a handful of backups. My own personal backup retention limit is on the order of 30 days, and that's with careful planning. Silent, on-going data corruption happening to a password database seems like a very reasonable thing to concern oneself with, especially if one's expectation was that the password manager would throw some kind of data integrity error whenever said database was accessed.
