@nikolal I'm hoping (and thinking it is very likely) that key generation is done client side in the browser, or in the mullvad app, and only the public key is sent to them.