ARCH2.md (611B)
1 # ARCH2: Document HKDF invariant 2 3 ## Goal 4 Document why mix_key cannot hit the Nothing case from HKDF.derive. 5 6 ## Context 7 mix_key uses HKDF.derive hmac ck mempty 64 ikm and currently calls 8 error on Nothing. The Nothing case occurs when the requested output 9 length exceeds 255 * hashlen. For SHA256, hashlen is 32, so the limit 10 is 8160 bytes. The requested length is 64. 11 12 ## Decision 13 Keep the error, but document the invariant in a short comment so future 14 readers understand why the case is impossible. 15 16 ## Expected outcome 17 A local comment near mix_key explaining the bound and why error is safe 18 in this context.