Fantastic stuff, and extremely important. As a developer, I'd absolutely love to have this in a mainstream database, supported by the tools. What violates my Tos is simply how little money goes into this stuff, and how much into weaponisation. If even a fraction of the money they spent on that went into making this mainstream (and correspondingly making it mandatory for large classes of data storage), then we might be somewhat safer online. But then, they hate encryption, especially the stuff they can't read(!)
Ehh.. You have this, and then you have OS'es that leak and **possibly offensive word removed** your data all over the place. So what's the point?
I think - although it would be more complicated - that these techniques outlined for back-end databases could also be extended to the untrustworthy client OS. If the data the OS sees is always encrypted, then you might get some more protection. For example, this could work with external hardware (e.g. dongles, keyboards), that performed crypto operations outside the address space and control of the main client, in which case the OS doesn't see the real data, but can perform operations on it. For example, this could securely protect against KSL, even if the OS had been owned. "All" that's then needed is an encrypting windowing system(!)
