VeraCrypt is encryption on the fly, which means you will work with files as if it were a regular directory, and any programs will access files as usual.
A password-protected archive is when, in order to access a file, you have to extract it, copy it to a temporary directory, and only then open it. This happens automatically when you for example double click on a file in the archiver gui, and when the viewer closes the temporary file is deleted.
The inconvenience begins immediately - for example, in the viewer you can go to the next file by simply pressing the right / left arrow, so in the case of an archive, the file viewer application will try to look for the next files in the temporary directory and they will not be there, you will need to close application and open a new file from the archive.
Yes, you can immediately unpack several files before viewing, but this action will have to be done manually, or somehow indicate your desire to do this.
And when files are extracted from the archive to a temporary directory, and then deleted - a trace of the file remains in the file system, with due luck and the use of special programs, you can extract not only the name of this file, but even the file itself, in whole or in part.
In some cases, keyloggers, special virus programs for recording all keystrokes (for example, in windows this comes by default to collect telemetry, saves all keystrokes to a special file, there was a 'scandal' recently, it is not encrypted) it is easier to get the password that you entered into an archiver than into a specialized application for data encryption, which may make some attempts to prevent the theft of this password (for example, using OTP or a smart card).

In speed.

there is a wonderful module https://docs.python.org/3.5/library/itertools.html
which has functions for working with combinatorics:

product('ABCD', repeat=2)
permutations('ABCD', 2)
combinations('ABCD', 2)
combinations_with_replacement('ABCD', 2)

and, accordingly, options for obtaining a random object:

random_product
random_permutation
random_combination
random_combination_with_replacement

look read, it will allow you to immediately make a selection of non-repeating elements.
It is to avoid complex ifs, and in them, as I understand it, you check that the ingredients are unique, you can use set
or this solution stackoverflow.com/a/5281641 - it will be much more productive on large objects.
these are the checks

if CARD == SLOGNOST[0]:
 elif CARD == SLOGNOST[1]:
...

also bad code, you actually have the same logic, just the number of potion elements changes, put in the config that such and such a complexity corresponds to such and such a number of elements, and based on this number, create lists with the required number of ingredients, etc., etc.
so random .choice will return a string anyway, why else call the conversion to a string? (and so several times)