Alright mate, so for the 99.9% of cases encryption at rest is enough. For data you truly don’t want cloud providers to see, just use end-to-end encryption.

But no one has to run their own servers. The only reason I see them doing so is to provide redundancy in case the cloud providers want to DELETE some data or take nodes offline.