No migration to new checksum types
The assumption that chunk checksums are SHA256 is implicit everywhere. There's no way to use another checksum. We need to change things so each checksum includes an explicit type indication. I propose prefixing the current checksums with the character '0' (ASCII 48).
Also, we should a second checksum type to make sure we can have more than one checksum type in use. For example, a client must be able to cope with the user changing the checksum type for new chunks for an incremental backup.