From 9901649fd7786e953b4b0d0d40ba6dfced21148a Mon Sep 17 00:00:00 2001 From: Username Date: Thu, 25 Dec 2025 19:40:34 +0100 Subject: [PATCH] docs: add compression design constraints Compression must be paired with encryption (compress-then-encrypt) to prevent bypassing entropy enforcement via compress-only uploads. --- TODO.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/TODO.md b/TODO.md index 1f14522..256fa6d 100644 --- a/TODO.md +++ b/TODO.md @@ -9,6 +9,9 @@ Unstructured intake buffer for ideas, issues, and observations. Items here are r - Paste compression for large text content - Must mark compression in URL fragment (e.g., `#z:` or `#:z`) - Receiver needs to know content is compressed before decryption + - Design: compress-then-encrypt only (not compress-only) + - Compressed data has high entropy → bypasses entropy enforcement + - Must enforce encryption when compression enabled (CLI-side) - ETag support for conditional requests - Neovim/Vim plugin for editor integration - Webhook notifications for paste events
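Review bot: The last added line scopes the check to the client ("Must enforce encryption when compression enabled (CLI-side)"), but the line above it gives the reason as compressed data bypassing entropy enforcement, and a CLI-only check does nothing about an uploader that does not go through the CLI and sends compress-only data. Suggest the item state whether that gap is accepted or what else closes it, since by the item's own reasoning compressed and encrypted payloads both present as high entropy. Two smaller documentation points for the same item: with compress-then-encrypt the receiver decompresses after decrypting, so the context line "Receiver needs to know content is compressed before decryption" could be reworded to match the order this design fixes; and the ciphertext length will reflect how compressible the plaintext is, which is worth recording as a known property of the design.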