So the keys never leave the phone, and all the signing/encrypting/decryption requests & responses are sent over some internal browser-specific api? (i.e. the Safari on my phone can communicate with the Safari on my laptop, if I’m logged in).