diff --git a/internal/age/primitives.go b/internal/age/primitives.go
index 67f3f41..77c5632 100644
--- a/internal/age/primitives.go
+++ b/internal/age/primitives.go
@@ -21,6 +21,11 @@ func aeadEncrypt(key, plaintext []byte) ([]byte, error) {
 	if err != nil {
 		return nil, err
 	}
+	// The nonce is fixed because this function is only used in places where the
+	// spec guarantees each key is only used once (by deriving it from values
+	// that include fresh randomness), allowing us to save the overhead.
+	// For the code that encrypts the actual payload, look at the
+	// filippo.io/age/internal/stream package.
 	nonce := make([]byte, chacha20poly1305.NonceSize)
 	return aead.Seal(nil, nonce, plaintext, nil), nil
 }