what is it that gets stored in the page for decryption use, the nonce or the IV derived from it?
I believe storing the IV is preferable and still secure per [1]: "The IV need not be secret"
Beyond needing the database oid, if every decrypt function has to regenerate the IV from the nonce that will affect performance. I don't know how expensive the forward hash is but it won't be free.