Does the application's encrypted private key need to be exposed on the client side? This is about backbaseservices poc
