We currently support DNS over TLS, and are looking at other options in the space. So if folks want dnscrypt I can take that feedback back to the team and see what we can do for you guys. From my perspective the calculation on private encrypted dns server over something like our service comes down to your threat model. We are trying our best to be as transparent as we can on what we do, how we do it etc so we can earn trust. That being said, trusting any thing you dont 100% control and 100% monitor every little thing on starts to erode absolute security/privacy/control. The one thing that sets us aside from a private server is the infrastructure we use, it is a growing anycast cloud spread across the globe, that with usage (helllooo hot cache's!) should provide better performance then a single locale/remote recursive server (or chain of servers).
I'm pleasantly surprised that you support DNS over TLS but I barely know how to use that. Dnsmasq doesn't support it yet for example and that's the forwarder I use at home.
To clarify, I have a dnsmasq but I also have a dnscrypt forwarder. Dnsmasq only resolves LAN names and forwards the rest to dnscrypt.
So I'd have to forward to a service that supports DNS over TLS to use quad9.
