CREATE FUNCTION testFunction ()
This means the definition won't be stored anywhere that is easily readable, for example:
FROM sys.sql_modules m
JOIN sys.objects o
on M.object_id = o.object_id AND o.type = 'FN' AND o.name = 'testFunction'
will return null, and if a user (even sysadmin) tries to use SSMS to modify the function they'll get a MessageBox stating that the text is encrypted and can't be retrieved. However, per MSDN,
The definition of functions created by using the ENCRYPTION option cannot be viewed by using sys.sql_modules; however, other information about the encrypted functions is displayed.
Applies to: SQL Server 2008 through SQL Server 2016.
Indicates that the Database Engine will convert the original text of the CREATE FUNCTION statement to an obfuscated format. The output of the obfuscation is not directly visible in any catalog views. Users that have no access to system tables or database files cannot retrieve the obfuscated text. However, the text will be available to privileged users that can either access system tables over the DAC port or directly access database files. Also, users that can attach a debugger to the server process can retrieve the original procedure from memory at runtime. For more information about accessing system metadata, see Metadata Visibility Configuration.
Using this option prevents the function from being published as part of SQL Server replication. This option cannot be specified for CLR functions.
You should still ensure that proper privileges are maintained to deal with such scenarios. You can read a bit more in depth about