In this case, the reason for not using Argon2 is that it's not available
Then it would naturally follow you wouldn't want to implement password-dependent security systems in JS.
I can respect the HTML file that stores an encrypted note. I just struggle in finding the use case given how files are supposed to be shared using secure platforms, and how client-side encrypted cloud and FDE take care of user's personal file confidentiality.
Perhaps you can just send a self-extracting piece and perhaps it's safe enough to deliver the password over the phone, but generally when your adversary sits in the backbone of the internet (i.e. when your default email isn't secure to begin with), you're in a world of problems. Even IF you're avoiding incidental collection, defaulting to any opportunistic E2EE like iMessage, or to any E2EE protocol that isn't authenticated is better UX-wise.
Thank you for mentioning Argon2, I didn't know about it. https://en.wikipedia.org/wiki/Argon2
> There is no reason not to use Argon2
In this case, the reason for not using Argon2 is that it's not available: https://www.w3.org/TR/WebCryptoAPI/
> Well if this product isn't for mass-market
This is a demo for self-contained HTML encrypted secrets. Do with it what you want. Definitely not a product in the current format.