I'm building one. When you start with the idea that it's going to be encrypted and that you won't know what users are sending back and forth you have to make some concessions but functionally I don't think the average person would even know that my application is encrypted from a UX perspective. You need to handle abuse client-side, it requires a bit more thought but I'm sure that's not beyond Facebook.