From b656d4fe1f777904345d7c8d6cd4707e88584e49 Mon Sep 17 00:00:00 2001
From: Manav Rathi <manav@mnvr.in>
Date: Thu, 5 Jun 2025 13:06:44 +0530
Subject: [PATCH] Addendum

https://github.com/jedisct1/libsodium.js/issues/112#issuecomment-337389964
---
 web/packages/accounts/services/user.ts | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/web/packages/accounts/services/user.ts b/web/packages/accounts/services/user.ts
index f47d8fe19e..effb1e8f0a 100644
--- a/web/packages/accounts/services/user.ts
+++ b/web/packages/accounts/services/user.ts
@@ -105,6 +105,14 @@ export interface KeyAttributes {
      * (https://doc.libsodium.org/public-key_cryptography/authenticated_encryption#key-pair-generation),
      * who possibly chose public + secret instead of public + private to avoid
      * confusion with shorthand notation (pk).
+     *
+     * However, the library author later changed their mind on this, so while
+     * libsodium itself (the C library) and the documentation uses "secretKey",
+     * the JavaScript implementation (libsodium.js) uses "privateKey".
+     *
+     * This structure uses the term "secretKey" since that is what the remote
+     * protocol already was based on. Within the web app codebase, we use
+     * "privateKey" since that is what the underlying libsodium.js uses.
      */
     encryptedSecretKey: string;
     /**