is visible in tools like Libsodium, where high-level APIs explicitly aim to discourage developers from picking primitives, and in WireGuard, where single primitives are picked to intentionally eliminate crypto-agility.

If opinionated encryption is used and a vulnerability is discovered in one of the primitives in a protocol, there is no way to substitute better primitives. Instead, the solution is to use versioned protocols. A new version of the protocol will