For the key discovery or public key registry, I think it is time to summarize:
- Smart Contracts could expose a function to return a public key;
- EOA: encrypt to the “direct” public key, that is, the one corresponding to the address. Usually this could be recovered from past signatures. We need a utility for this purpose.
- EOA: encrypt to the “derived” public key as currently specified. We may need a registry, be it smart contract or ENS or something else. Fee may incur.
There are also security implications to the choice between “direct” or “derived” public key, mostly about key management.
I’d like to link this to my other proposal about private key encapsulation: that is, if we rely on this EIP for file encryption or end2end encrypted messaging, we don’t want to enter our seed to a messaging app. We could safely transport the needed private key (“direct” or derived) to the app without endangering the entire seed.