I think there is an easier way to implement it and cover a wide variety of needs. And I myself would love it!
Let us assume everyone has his own master vault (i.e. the one you are using just right now).
Imagine you just add a new type of password entry ("enpass-vault") where you define:
the name of the embedded vault
the file_name of the vault file
the master password for this embedded vault
define read-only or read-write behavior
setup synchronization for (i.e. different dropbox account)
Now the enpass app will at its start scan the main vault for t