@mister_monster You can import public key from password protected secret key just by "gpg --import secretkey" and canceling prompts for password input, public key would still be imported. I don't think its great flaw, it would be nice if public key couldn't be derived from secret without knowing password, for example if attacker gets backups of secret keys he couldn't do lookup on keyservers to see whose those secret keys are.