So, sadly, in this case both of you are partially correct:

Radtraveller is correct that there are drives out there with active garbage collection. Drives originally implemented this ~15 years ago before TRIM and UNMAP were standardized. They do it by scanning the volume in that background, looking for things like free volume bitmaps, and trimming out blocks based on parsing those. One can imagine a slightly more clever version where the drive figures out the LBA's of data structure backing things like bitmaps and tracking updates in real time instead of background scanning, but I am not sure if anyone ever did it that way. Either way around it is strictly less efficient than having the OS tell the drives which blocks to collect, and can cause data loss if the OS ever revs the volume format or uses an access pattern that the drive does not expect:

So it exists, and it is terrible. There are a whole of other problems:

1. It only ever worked with specific filesystems: generally NTFS, HFS+, and the various FAT based filesystems. Maybe some supported of ext2/3/4
2. It completely depended on the filesystem being used in a normal access pattern. Various LVM operations (like an offline repartition) might break those assumption in ways that can lead to data loss if the drive GCes while it is happening.
3. It is completely incompatible with any sort of full disk encryption like BitLocker or FileVault. This is an inherent limitation of the design since to perform active garbage collection the drive needs to read the filesystem structures, but with encrypted filesystems they keys and decryption are handled by the OS and the drive never sees the encrypted blocks. Sit there and wait in your boot loader as long as you want, it won't figure out and blocks to GC.

In practice it is just sitting there dormant and unused on any modern drives these (or hopefully everyone removed it from their controller firmwares after TRIM became prevalent). There are a few reasons for that:

1. Many more people use encrypted filesystems
2. Even people who don't tend use newer OSes which may have newer filesystems (or versions of filesystems) the drives don't understand. Most of these firmwares have to be super paranoid about volume format changes. And since the whole thing was a legacy hack that means that any OS with a new enough volume format change will also be new enough to support TRIM, which means vendors have little incentive to keep revving and incredibly complex piece of code that performs worse).
3. Some of the drives that did support AGC used explicit TRIM commands as a single to disable it, and all modern OSes issue TRIMs.

Back when TRIM was being standardized I had a 50+ page argument on an SSD vendors website where I was asking about the status TRIM in their chipsets. A whole bunch of enthusiasts essentially thought TRIM was unnecessary, and kept asking. It was super depressing because several people who had worked on filesystems, HDD firmwares, and storage controllers chimed in and tried to explain how there was simply no way for the drive to know what blocks were to safe to GC for arbitrary FSes and their implementations, and that TRIM was a necessary interfaces to channel the info from the drive to the OS. Unfortunately we were drowned out. by people who essentially kept asking "But how do you *KNOW* they have not designed a magic algorithm that knows about every volume format and the access pattern of every implementation of those formats and can magically decrypt everything to do GC correctly?" Clearly I found it scarring since I felt motivated to create an account here to post this ;-)

So, sadly, in this case both of you are partially correct:

Radtraveller is correct that there are drives out there with active garbage collection. Drives originally implemented this ~15 years ago before TRIM and UNMAP were standardized. They do it by scanning the volume in that background, looking for things like free volume bitmaps, and trimming out blocks based on parsing those. One can imagine a slightly more clever version where the drive figures out the LBA's of data structure backing things like bitmaps and tracking updates in real time instead of background scanning, but I am not sure if anyone ever did it that way. Either way around it is strictly less efficient than having the OS tell the drives which blocks to collect, and can cause data loss if the OS ever revs the volume format or uses an access pattern that the drive does not expect:

So it exists, and it is terrible. There are a whole of other problems:

1. It only ever worked with specific filesystems: generally NTFS, HFS+, and the various FAT based filesystems. Maybe some supported of ext2/3/4
2. It completely depended on the filesystem being used in a normal access pattern. Various LVM operations (like an offline repartition) might break those assumption in ways that can lead to data loss if the drive GCes while it is happening.
3. It is completely incompatible with any sort of full disk encryption like BitLocker or FileVault. This is an inherent limitation of the design since to perform active garbage collection the drive needs to read the filesystem structures, but with encrypted filesystems they keys and decryption are handled by the OS and the drive never sees the encrypted blocks. Sit there and wait in your boot loader as long as you want, it won't figure out and blocks to GC.

In practice it is just sitting there dormant and unused on any modern drives these (or hopefully everyone removed it from their controller firmwares after TRIM became prevalent). There are a few reasons for that:

1. Many more people use encrypted filesystems
2. Even people who don't tend use newer OSes which may have newer filesystems (or versions of filesystems) the drives don't understand. Most of these firmwares have to be super paranoid about volume format changes. And since the whole thing was a legacy hack that means that any OS with a new enough volume format change will also be new enough to support TRIM, which means vendors have little incentive to keep revving and incredibly complex piece of code that performs worse).
3. Some of the drives that did support AGC used explicit TRIM commands as a single to disable it, and all modern OSes issue TRIMs.

Back when TRIM was being standardized I had a 50+ page argument on an SSD vendors website where I was asking about the status TRIM in their chipsets. A whole bunch of enthusiasts essentially thought TRIM was unnecessary, and kept asking. It was super depressing because several people who had worked on filesystems, HDD firmwares, and storage controllers chimed in and tried to explain how there was simply no way for the drive to know what blocks were to safe to GC for arbitrary FSes and their implementations, and that TRIM was a necessary interfaces to channel the info from the drive to the OS. Unfortunately we were drowned out. by people who essentially kept asking "But how do you *KNOW* they have not designed a magic algorithm that knows about every volume format and the access pattern of every implementation of those formats and can magically decrypt everything to do GC correctly?" Clearly I found it scarring since I felt motivated to create an account here to post this ;-)

So is trim safe to use on encrypted SSDs or not? Does it risk leaking the keys or information about the disk or are the OpenBSD devs just blowing hot air by not implementing TRIM?

Or spectre variant 1 mitigations. None of the BSDs do.
And before anyone asks, no, disabling hyperthreading does nothing about spectre v1.

Given that definition, removal of the hyperthreading does fix it. When hyperthreading isn't there, v1 cannot be exploited.
If you had Zombieload in mind (which isn't Spectre v1 but different can of worms), that got patched ASAP.

Or spectre variant 1 mitigations. None of the BSDs do.
And before anyone asks, no, disabling hyperthreading does nothing about spectre v1.

I took trouble to actually TEST your claim out on FreeBSD.
Used leaky.page site for that. Not a shit leaked through. Messed with it quite a bit on that site.

Congratulations, your test means nothing because you don't understand what spectre variant 1 is.
Variant one must be patched per-program. The browsers are patched, the kernel is not.

And pray tell me, what is the most obvious & and highest-risk attack vector? Web browser.
System sources come from FreeBSD's project repositories, same with optional programs.

There is no "Linux (or especially Windows) problem" of downloading random binaries from semi-unknown 3rd party repos and running those..

Anything you try to install through FreeBSD Ports gets first pulled as it's original upstream source tar (whatever software it happens to be), unpacked, patched by automatic system to make it workable on FreeBSD and compiled/registered in package database.