From b2711924656536765055bddc122e80695ded4988 Mon Sep 17 00:00:00 2001
From: Didactic Drunk <1479616+didactic-drunk@users.noreply.github.com>
Date: Fri, 26 Mar 2021 13:56:26 -0700
Subject: [PATCH] Document recommended KDF use

---
 src/sodium/kdf.cr | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/src/sodium/kdf.cr b/src/sodium/kdf.cr
index 9b71e45..1ed52ec 100644
--- a/src/sodium/kdf.cr
+++ b/src/sodium/kdf.cr
@@ -15,6 +15,19 @@ module Sodium
   # Memory for this class is held in a sodium guarded page with noaccess.
   # Readonly access is temporarily enabled when deriving keys.
   # Calling #to_slice marks the page readonly permanently.
+  #
+  # It's recommended to use a #wipe block to erase the master key when no longer needed
+  # ```
+  # kdf = Kdf.new
+  # ...
+  # kdf.wipe do
+  #  ### Warning: abnormal exit may not wipe
+  #  # encrypt/decrypt data
+  # end # key erased
+  # # main application logic
+  # ```
+  #
+
   # ```
   class Kdf
     include Wipe