age is pulling all the encryption work. What the tool does is the import/export managing.

First of all, it creates snapshots for each export and it ensures to pull the latest snapshot during import. Also, it manages the hashes of the secrets (created on first export) and of the export, which ensure that the files are not corrupted, so that when I import I can be sure that no bitrot happened and the secrets that get copied on my machine are bit-identical to the ones I exported.

That being said, it's true that this is not a lot of work to be pulling. As I wrote in the blog post, this Rust tool could have been a Bash script. However I opted for not-bash because I don't feel particularly comfortable with bash and I like to have types. If I knew Go, it would have been a solid option