Hi,
On 2021-05-25 16:34:10 -0400, Stephen Frost wrote:
> The nonce does need to be absolutely unique for a given encryption key and
> therefore needs to be global in some form.
You can achieve that without a global counter though, by prepending a
per-relation nonce with some local counter.
I'm doubtful it's worth it though - compared to all the other costs, one
shared atomic increment is pretty OK price to pay I think.
Greetings,
Andres Freund
