Removes reference to potential fluke issue.

Author: blackwood

.claude/CLAUDE.md

@@ -85,7 +85,6 @@ npm run setup:crypto:reset    # regenerate crypto values after VAULT_EMAIL/PASSW
 1. **No real credentials in test data**: All vault passwords are fake (e.g., `"fakeBasicFormPassword"`). Prefix test credential values with `fake`.
 2. **No secrets in source**: Crypto material, master password hashes, and API keys live only in `.env` (gitignored). Generated by `npm run setup:crypto` — never set manually.
     - `VAULT_EMAIL` is used as a PBKDF2 salt — changing it invalidates `MASTER_PASSWORD_HASH` and requires `npm run setup:crypto:reset` + a fresh DB.
-    - `VAULT_EMAIL` must be a standard email format — plus-addressing (e.g. `user+tag@example.com`) is rejected by the Bitwarden server validator.
 3. **Zero-knowledge invariant**: Account creation in `create-account.ts` sends a pre-hashed master password and encrypted key material — never the plaintext password — to the server API.
 4. **Downloads disabled**: The browser fixture sets `acceptDownloads: false`.
 

README.md

@@ -89,8 +89,6 @@ npm run test:static:debug
 
 > Important! Once you've generated installation and crypto values for your `.env` file, DO NOT CHANGE the seeding values (`VAULT_EMAIL`, `VAULT_PASSWORD`, `KDF_ITERATIONS`). Doing so requires regenerating your installation and crypto secret values and rebuilding/updating server.
 
-> `VAULT_EMAIL` must be a standard email address format. Plus-addressed emails (e.g. `user+tag@example.com`) are not accepted by the default Bitwarden server validator.
-
 > If you do need to change `VAULT_EMAIL` or `VAULT_PASSWORD`, run `npm run setup:crypto:reset` to clear and regenerate the derived crypto values, then `docker compose down -v && docker compose up -d --wait` for a fresh database, then `npm run setup:vault`.
 
 - Run `npm run setup:install` to generate and add installation values to your dotfile