What I'd like to propose is a client-side encryption feature to protect data at rest - by encrypting the file content before uploading it to a server.
I guess it is mandatory to re-use existing code for the encryption task. The cryptomator library might be an reliable option to store files in an encrypted cryptomator vault on a remote server. It looks like this is how Cyberduck implemented the encryption feature in their file transfer client.
But there might be other projects (gpg?/veracrypt?) which provide similar functionality as a cryptomator vault.