So I have been using Obsidian to structure my threat model, but I’m looking to save it in an encrypted space where it can be accessible on both my PC and phone, and on Obsidian you gotta pay for that with their sync service. Not ideal for a local approach. I’m practically looking for new ideas.
So what do you guys use to keep your threat model?
Why don't you keep your TM mentally?
Because under pressure or in stressful situations I won’t be able to keep my mind and threat model straightened.
Well, it sounds like you want an open-source equivalent to Obsidian, and there are many personal knowledge management systems, but each of them has varying workflows. If you are interested in self-hosting something, I can provide an actionable roadmap. Whether you want it to be a PKMS replacement or just an encrypted note-taking app is up to you.
I tested some like Zettlr and Logseq and they seem to be used for journaling and things like that. Zettlr seems to be less confusing and more straightforward than Logseq, but according to this GitHub issue they’re not interested in implementing file encryption within the app. Not ideal. Logseq doesn’t have encryption features as well.
I don’t have the money to self-host stuff, so yeah…
I’m currently testing Joplin + Syncthing and rolling an encryption key on Joplin using the “File system” sync option in Joplin and it seems to be doing good, but Joplin lacks some features that Obsidian has by default, like Wikilinks support (you have to install this extension for that and installing extensions is not ideal for confidential setups) and other miscellaneous bugs like not being able to replicate a table like this:
| Test | Test |
|---|---|
| Query | <input type="checkbox"> Yes <br/> <input type="checkbox"> No |
Works with Obsidian. It doesn’t in Joplin and I won’t file an issue on GitHub and wait until they fix this bug because it won’t be important for them to fix it.
A problem with this approach is that on Android you’d have to extract all the files on your phone, edit the files and then repack everything, and that’s extremely unpractical. Opening Markdown files on Cryptomator for Android just opens a simple text editor. This works fine if you’re just on a computer, because Cryptomator allocates the files on a temporary directory. You can’t do that on Android unfortunately.
Okay, well, as an alternative, I can simply talk about baking/embedding your own threat model into your own existence and bypassing any third-party dependencies, but the cost is zero downtime; you cannot clock out.