It all depends on how the data are encrypted. With a sensible design capturing the encrypted storage will only reveal the number of encrypted records, rough estimates on their size, and time stamps.
Ideally it would be an opaque blob with no information about the number of records or their size, just the total size and maybe a last modified or accessed time.
Password managers typically offer to store images like document scans. Without per record encryption one needs to send the whole encrypted blob on each modification.
Not necessarily. You can have a write-ahead log which also consists of opaque blobs and which other devices can pull and reconcile on their own. At some point, a whole reconciled version is uploaded.
