@gargron I'm confused about where the users' keys are supposed to be stored? They're not supposed to "enter low-security environments such as the browser?" But presumably there will be web clients that get temporary keys somehow. So unless users set up their own instance, someone else holds the key? Am I missing something???