No. Lavabit had fundamental flaws where passwords were sent to the server so anyone who could decrypt the HTTPS traffic could basically access the content [1].
Skiff's password mechanism actually solves this flaw cryptographically using known, established primitives.
We use argon2id to take password and turn it into two cryptographic keys. One key is used for an SRP scheme to prove you have the password in a signing flow that bootstraps session management. The other key is actually the data encryption key. These keys are never sent to Skiff's servers and this generation happens all in the browser.
Lavabit really failed fundamentally in having actual end to end encryption because the password was sent to the server.
That's all moot though, since your server has access to plaintext emails when sending and recieving (99.99999% of email addresses would be outside skiff), which completely subverts the whole point of encryption. A vulnerability on the server could leak all user emails, without needing their keys.... This is a solution theoretically only as strong as encryption at rest.
