
Printed out the master key and stored it in a safe...

Wonder if that printer kept a copy...?



Better yet, wonder if someone can steal that safe, open it, then replace it with an identical looking one with the same note?

Two words: tamper seals

An envelope is easily steamed open.

And you better hope nobody bypasses the alarm. Or you won't know to check the seals until it's way too late.


It all boils down to trust. He gave it to somebody he trusts, who also has their stake in PayPal. If you couldn't even trust the General Legal Counsel of your company, a secret key might not be the thing you needed to worry about then.


This. You could tank the company by stealing their funds or simply burning the secret-storing computers down.


Risk mitigation is always about mitigating: making something harder or more impossible than something else. Nothing is perfect but some things are better.


But to what end? What more can you do with a printed envelope? ROT13 or Vigenère that piece of text? Then write it with the Dancing Men alphabet?

The point is, you can only mitigate so much before it becomes an exercise in futility. The general counsel, if anybody, is the person that can actually bankrupt your company and get some nice money for himself using some legal tomfoolery. I doubt that if that was his intention, trying to decode a piece of base64 for a private key of the database would be the course of action that he would take.

The author was in a (then) startup. He had a sensitive document. He asked the Legal Counsel to keep hold of it and shred it after 1 day. And then forgot about it and went on and built more measures to defend against hackers, which is the more important threat actor here.

Know your threat model and expend your/your company's limited resources on the things that matter.


If your adversaries are that sophisticated and / or have that much intimate physical access, I do not envy you.


Tamper seals are also easily non-evidently bypassed.


That seems a little paranoid, even for a company storing card data for millions of people.



