You upload your private key to the cloud. Encrypted or not, this is a bad idea.
An encrypted key is a useless blob. What matters is the decryption key for that key, which is your password (or a key derived from it, I assume), which is client side.
They can do the signing and encryption with my public key
They can’t sign with your public key. Signing is done using your private one, otherwise nobody can verify the signature.
Either way:
and then I’ll do the decryption with my own private key locally without them storing it.
You can do it using the bridge, exactly like you would with any client-side tooling.
An encrypted key is a useless blob. What matters is the decryption key for that key, which is your password (or a key derived from it, I assume), which is client side.
They can’t sign with your public key. Signing is done using your private one, otherwise nobody can verify the signature.
Either way:
You can do it using the bridge, exactly like you would with any client-side tooling.
Yeah mb. Mixed private keys with public keys. Edited original comment.