# Notes
## Cryptographic Questions
- are any of the sha digests biased or biasable?
  - if so, try scrypt or even argon2id?
- are the passphrase or salt settings too high? are they diminishing returns or even counterproductive?
  - if so, what are some more optimal settings?
## Implementation Questions
- is a shell script even possibly gonna be ok as even a poc?
  - python maybe?
- are there errent tmp files?
- are there errent memory leaks?
- are there any secrets leaks?
# Prose
# Scratch