If you want a way to safely store credentials that the Function node can use, then you can add them as environment variables at the Group/Subflow/Flow/Global level (depending on how widely accessible you need them to be). The env vars can be stored as credentials (so they won't get exposed in the editor) and the Function node can use env.get('MY_TOKEN') to retrieve the value.
It wouldn't be practical to have a 'secure' function node in the way you describe as credential values never get returned to the editor - so you wouldn't be able to edit the content the next time you reloaded the editor.
