Got that part — but we’re still giving Amber the plaintext nsec — so my understanding is that it’s better to do that just once, with an app that many people have reviewed (and that doesn’t have lots of other code or opportunity for bugs/compromise) compared to doing that every time you want to use a new client. Something like that?