Yes a good thing but not a giant leap for mankind. By necessity, the encryption key itself will be stored in working memory in both the current and 1-at-a-time scenario. With it, one can decrypt any entry in the database. It’s just a bit more work for the bad actor.
To truly achieve stores unencrypted data in memory only what is needed, set set your “vault timeout” to lock and immediate. This purges the encryption key when not in active use. This is available today.