Right now, we're passing around SignKeypair (and CryptoKeypair) in places where we specifically only want/need a public key. This seems somewhat of a dangerous practice, because we rely on the implementation to make sure the private key data isn't hanging around (which isn't that big of a deal because it's always encrypted) when it would be much better to rely on the type system for this.
Right now, we're passing around
SignKeypair(andCryptoKeypair) in places where we specifically only want/need a public key. This seems somewhat of a dangerous practice, because we rely on the implementation to make sure the private key data isn't hanging around (which isn't that big of a deal because it's always encrypted) when it would be much better to rely on the type system for this.