diff --git a/doc/todo/encrypted_keys_in_git_repository/comment_5_05b0e2e88b233691b403d4c908b50c52._comment b/doc/todo/encrypted_keys_in_git_repository/comment_5_05b0e2e88b233691b403d4c908b50c52._comment
new file mode 100644
index 0000000000..d0b388b8f1
--- /dev/null
+++ b/doc/todo/encrypted_keys_in_git_repository/comment_5_05b0e2e88b233691b403d4c908b50c52._comment
@@ -0,0 +1,14 @@
+[[!comment format=mdwn
+ username="nobodyinperson"
+ avatar="http://cdn.libravatar.org/avatar/736a41cd4988ede057bae805d000f4f5"
+ subject="comment 5"
+ date="2023-01-02T22:58:08Z"
+ content="""
+> I'm talking about a single file that the attacker already knows the content of, and wishes to determine if it's present in the repository. 
+
+Ah alright, in that case scrypt doesn't help, I agree. Among the large userbase for such a versatile software as git-annex there surely are people that could make use of hiding the presence of some 'common' files from their public repos. Though it rather seems like quite an edge case to me 😅 Better go full-gcrypt in that case I'd say...
+
+> sha2 is equally good protection as scrypt
+
+In that case, this'll be enough for my application, thanks! 🙏
+"""]]