I made a minimalist webapp for public-key encryption. How can these problems with its UI/UX be addressed?

chausies.xyz/encrypt

I probably don't know the first thing about UI design, so I wanted to get some more expert input. Forgive me if this is an inappropriate question to ask here.

Half of my feedback has people praising the minimal design of the app, and how it's simple without a hundred options overwhelming them. They use the site quickly and easily without a hitch. The other half of the feedback is people just saying "the UI is shit", with no one giving anything concrete I could change or fix. So does anyone have any idea about what these people find "shit" about the UI?

Also, one problem in particular that has come up too often is they use the webapp wrong and get confused, even though the exact 3 uses are written explicitly at the top in simple language as the first thing. For example, users will enter both a Password and a Message (probably expecting the Message to be encrypted with the password as the key), but that's not one of the uses of the app written right at the top. How can I make it any more obvious how to use the app? I'd very much like to avoid making separate tabs for the 3 uses, to keep the app minimal and simple, but am I just wrong to have that sentiment?

Finally, the idea was that the site could be understood and used by a complete layman unaware of cryptography, but seen by a crypto expert and quickly found to be legit. So my last three questions are:

  1. Is the language simple and intuitive enough to be grasped by a layman? If not, how could I improve it? One of the big things you'll notice I did was to call a public key an ID, a term much more familiar to people.
  2. Is the CAUTION placed optimally? And should it be made more concise?
  3. Is the security jargon placed optimally? The big points I tried to place at the top so even the laymen can feel secure seeing it (the webapp uses only client-side JavaScript, doesn't interact with any server, and runs perfectly offline). The more technical points that I felt were still necessary to put in a crypto expert's face, I put at the bottom (the website is fully open source, served by GitHub, and the files are guaranteed to be delivered via TLS from the GitHub repo for the webapp). Finally, the actual in-depth security overview is linked to as a separate webpage, in case a crypto expert wishes to see that. Is this done alright? Is it too much/overwhelming the simplicity of the main webapp?

Lastly, if there are any general pointers about the overall look of the website, and how to make it more pleasant to look at (if that's what it needs), that would be welcome.