Exactly. I hope devs can help audit it. But so far, it’s pretty simple, using the same encryption we used to hash DMs, as add another hash on top of it, using standard package to hash with your passcode.