@item SHA256 checksums for stored packages
@item verifying of SHA256 checksum for uploaded packages
@item storing of uploaded GPG signatures
+@item secure Argon2i (or SHA256) stored passwords hashing
@item no YAML configuration, just command-line arguments
@item no package overwriting ability (as PyPI does too)
@item atomic packages store on filesystem