Encryption is only part of the story
When people hear AES-256, they often stop at the length of the key. In practice, the mode of operation matters just as much as the key size. AES-256-GCM is popular because it provides both confidentiality and integrity.
That second part is important. Integrity helps the recipient know whether the ciphertext was altered. For a secret sharing app, that means the data is not only hidden but also protected against tampering.
Why authenticated encryption is a good fit
Browser encryption should be fast, reliable, and hard to misuse. AES-256-GCM fits that pattern well because it gives strong protection without requiring complicated steps from the user.
For most note-sharing workflows, the user should not need to think about cipher modes at all. The application can choose a safe default, expose a simple interface, and focus the user experience on expiration, read limits, and delivery.