README.md in lockbox-0.2.0 vs README.md in lockbox-0.2.1

- old
+ new

@@ -1,16 +1,16 @@
 # Lockbox
 
-:lock: Modern encryption for Rails
+:package: Modern encryption for Rails
 
 - Uses state-of-the-art algorithms
 - Works with database fields, files, and strings
 - Stores encrypted data in a single field
 - Requires you to only manage a single encryption key
 - Makes migrating existing data and key rotation easy
 
-Check out [this post](https://ankane.org/modern-encryption-rails) for more info on its design, and [this post](https://ankane.org/sensitive-data-rails) for more info on securing sensitive data with Rails
+Learn [the principles behind it](https://ankane.org/modern-encryption-rails), [how to secure emails](https://ankane.org/securing-user-emails-lockbox), and [how to secure sensitive data in Rails](https://ankane.org/sensitive-data-rails)
 
 [![Build Status](https://travis-ci.org/ankane/lockbox.svg?branch=master)](https://travis-ci.org/ankane/lockbox)
 
 ## Installation
 
@@ -70,10 +70,42 @@
 User.create!(email: "hi@example.org")
 ```
 
 If you need to query encrypted fields, check out [Blind Index](https://github.com/ankane/blind_index).
 
+### Types
+
+Specify the type of a field with:
+
+```ruby
+class User < ApplicationRecord
+  encrypts :born_on, type: :date
+  encrypts :signed_at, type: :datetime
+  encrypts :active, type: :boolean
+  encrypts :salary, type: :integer
+  encrypts :latitude, type: :float
+  encrypts :video, type: :binary
+  encrypts :properties, type: :json
+  encrypts :settings, type: :hash
+end
+```
+
+**Note:** Always use a `text` or `binary` column in migrations, regardless of the type
+
+Lockbox automatically works with serialized fields for maximum compatibility with existing code and libraries.
+
+```ruby
+class User < ApplicationRecord
+  serialize :properties, JSON
+  encrypts :properties
+end
+```
+
+### Validations
+
+Validations work as expected with the exception of uniqueness. Uniqueness validations require a [blind index](https://github.com/ankane/blind_index).
+
 ## Files
 
 ### Active Storage
 
 Add to your model:
@@ -362,11 +394,11 @@
 end
 ```
 
 Make sure `decryption_key` is `nil` on servers that shouldn’t decrypt.
 
-This uses X25519 for key exchange and XSalsa20-Poly1305 for encryption.
+This uses X25519 for key exchange and XSalsa20 for encryption.
 
 ## Key Separation
 
 The master key is used to generate unique keys for each column. This technique comes from [CipherSweet](https://ciphersweet.paragonie.com/internals/key-hierarchy). The table name and column name are both used in this process. If you need to rename a table with encrypted columns, or an encrypted column itself, get the key:
 
@@ -399,9 +431,39 @@
   encrypt key: -> { model.kms_key }
 end
 ```
 
 **Note:** KMS Encrypted’s key rotation does not know to rotate encrypted files, so avoid calling `record.rotate_kms_key!` on models with file uploads for now.
+
+## Padding
+
+Add padding to conceal the exact length of messages.
+
+```ruby
+Lockbox.new(padding: true)
+```
+
+The block size for padding is 16 bytes by default. Change this with:
+
+```ruby
+Lockbox.new(padding: 32) # bytes
+```
+
+## Reference
+
+Set default options in an initializer with:
+
+```ruby
+Lockbox.default_options = {algorithm: "xsalsa20"}
+```
+
+For database fields, encrypted data is encoded in Base64. If you use `binary` columns instead of `text` columns, set:
+
+```ruby
+class User < ApplicationRecord
+  encrypts :email, encode: false
+end
+```
 
 ## Compatibility
 
 It’s easy to read encrypted data in another language if needed.
 