For many early uses (AES, RSA, & ECDSA key material) a few kB is enough, and means secret sharing can happen on chain. It also means much more efficient computation, since smaller secrets mean lower I/o overhead.
That small a max size is a serious restriction on general-purpose private storage though. 1MB feels like a reasonable cap, though it would require off-chain secret sharing (eg commitments to shares on-chain + IPFS or similar to share off-chain).
Early in the network's life, AES, RSA, and ECDSA could each be their own keep types (rather than delineating types between "simple" & "signing").
For many early uses (AES, RSA, & ECDSA key material) a few kB is enough, and means secret sharing can happen on chain. It also means much more efficient computation, since smaller secrets mean lower I/o overhead.
That small a max size is a serious restriction on general-purpose private storage though. 1MB feels like a reasonable cap, though it would require off-chain secret sharing (eg commitments to shares on-chain + IPFS or similar to share off-chain).
Early in the network's life, AES, RSA, and ECDSA could each be their own keep types (rather than delineating types between "simple" & "signing").