Should be noted though Tresorit has had numerous third party audits unlike MEGA iirc.
One of the specific points here was:
Perform review with specific attention to Tresorit’s claim regarding end-to-end encryption and identify security deficiencies, vulnerabilities, architectural deficiencies or any other deficiency that may potentially undermine this claim.
The latter one covered:
- web client
- Android mobile client;
- Windows desktop client;
- and the related infrastructure.