Currently, the repository uses an XOR-based scheme with a fixed key derived from a secret. This approach is not secure and can be vulnerable to attacks (e.g., known-plaintext attacks).
I noticed that the code already mentions replacing this with a more robust encryption scheme (e.g., AES-GCM) at a later stage. However, I thought it might be useful to track this as an issue.
I’d be happy to work on this if you think it’s worth addressing at this stage.
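The known-plaintext weakness mentioned in this issue, shown as an added example (not code from the repository): with a fixed XOR key, one message whose plaintext is predictable reveals the key for every other message. The SHA-256 key derivation, the function names and the sample messages are assumptions constructed for illustration; the repository's actual derivation may differ.

```python
import hashlib
from itertools import cycle

KEY_LEN = 32  # assumed: the fixed key is a SHA-256 digest of the secret


def derive_key(secret: bytes) -> bytes:
    # Hypothetical derivation; stands in for "fixed key derived from a secret".
    return hashlib.sha256(secret).digest()


def xor_crypt(key: bytes, data: bytes) -> bytes:
    # Repeating-key XOR. The same call encrypts and decrypts.
    return bytes(b ^ k for b, k in zip(data, cycle(key)))


def key_from_known_plaintext(known: bytes, ciphertext: bytes) -> bytes:
    # ciphertext XOR plaintext equals the key bytes at each position, so one
    # full key period of predictable plaintext is enough to recover the key.
    if len(known) < KEY_LEN or len(ciphertext) < KEY_LEN:
        raise ValueError("need at least one full key period of known plaintext")
    return bytes(c ^ p for c, p in zip(ciphertext[:KEY_LEN], known[:KEY_LEN]))


def demo():
    # All values below are constructed sample data.
    key = derive_key(b"constructed-demo-secret")
    known = b'{"type":"handshake","version":"1.0","client":"demo"}'
    private = b"constructed private payload: account=1234, balance=9000"

    c_known = xor_crypt(key, known)      # message with predictable content
    c_private = xor_crypt(key, private)  # unrelated message, same fixed key

    recovered = key_from_known_plaintext(known, c_known)
    # The recovered key decrypts the second message without the secret.
    return recovered == key, xor_crypt(recovered, c_private)


if __name__ == "__main__":
    same_key, plaintext = demo()
    print("key recovered:", same_key)
    print("second message:", plaintext.decode())
```

An authenticated scheme such as AES-GCM with a unique nonce per message, as the issue proposes, does not leak key material this way and also detects tampering.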