To be clear, this is still a better situation than centralised platforms: if you don't trust Twitter, then you cannot use the platform at all. The only way to defederate from the Twitter admins is to delete your account.
Mastodon does encrypt your posts between clients (browser/app) and Mastodon servers. It also encrypts your posts between your Mastodon server and other Mastodon servers. But your post is decrypted and re-encrypted for each hop.
This provides protection against people other than the admins of the servers reading these messages (your ISP, other people on your WiFi network, the CIA, etc.), but not the admins.
For that, Mastodon would need to implement end-to-end encryption.
With end-to-end encryption, your client would encrypt your post so that only the intended recipients can decrypt it before sending it to your Mastodon server. It remains encrypted until it reaches the client of your intended recipient, who then decrypts it and reads it.
This adds a lot of constraints to a system, and is not easy to implement. I'm not going to pretend to be an expert on it, so here ends the thread, lol
Hometown is adapted from Mastodon, a decentralized social network with no ads, no corporate surveillance, and ethical design.