Suggesting a new feature

If you'd like to suggest a new feature, feel free to open a feature request on GitHub. However, please read the Goals section first.


  • Add a -b|--batch option for automated use cases that rejects interactive input and terminates the program when an error/exception occurs?
  • Consider -q|--quiet to hide output.
  • Investigate globbing.
  • Investigate stdin support.
  • Display -h|--help with no user input if possible.

Long run


  • Consider AEGIS-256 for encryption. Much faster, well analysed, and fully committing.
  • Consider switching the KDF from salted BLAKE2b. Unfortunately, there's basically nothing except HKDF-SHA-2, which is needlessly inefficient. Could use BLAKE3, but that would require another dependency.
  • v2 of the signature format should use Ed25519ph for prehashing. It wasn't available in the previous libsodium binding.
  • Reconsider hedged signatures.
  • Reconsider random nonces (e.g. for private key encryption).
  • Could switch to libsodium's secretstream API for file encryption. This wasn't available in the previous libsodium binding. One may be coming for AEGIS. Or just write a STREAM library, which I should do anyway.
  • Support more recipients/change the key wrap header approach.
  • Remove free space from the file metadata header.
  • Consider ASCII armour/Minisign style detached signature files.
  • Will need to eventually switch to post-quantum asymmetric primitives - KEM and signing. This requires waiting for further analysis and library support (likely years). The UX will be terrible.
  • Consider supporting unencrypted private keys for non-interactive use cases.


  • Support non-detached signatures?
  • Confirm y/n before -o|--overwrite?
  • Do a progress bar like Docker?
  • Consider supporting YubiKeys via the .NET YubiKey SDK. I don't currently have a YubiKey to test anything, I don't want to buy a YubiKey because I have no use for one, and this is not trivial to implement.
  • Have a trusted folder for public keys, with separate files or folders for encryption/signing? No idea what the UX would be.
  • Add support for generating vanity address public keys?
Last modified 5mo ago