That’s a solid approach to key management—using a primary key for attestation while letting app keys handle daily interactions mimics how session-based auth works in web systems. The idea of rotating keys per message is extreme but aligns with zero-trust principles, where even a single compromis...