The decrypt path works with raw byte slices and magic offsets (data[27..39], data[11..27], etc.). Parsing the binary envelope into a strongly-typed Envelope { algo_id, kdf_id, salt, nonce, ciphertext } at the I/O boundary and propagating the struct through the call stack would eliminate this indexing, make the parsing logic auditable in one place, and produce better error messages when a header field is out of range.
The decrypt path works with raw byte slices and magic offsets (`data[27..39]`, `data[11..27]`, etc.). Parsing the binary envelope into a strongly-typed `Envelope { algo_id, kdf_id, salt, nonce, ciphertext }` at the I/O boundary and propagating the struct through the call stack would eliminate this indexing, make the parsing logic auditable in one place, and produce better error messages when a header field is out of range.