Beeper has been talking about running on-device bridges rather than server-side bridges. So presumably that would allow encryption to the user's device, then re-encrypted on-device to Matrix then sent to Beeper.