That's better than I thought. The main vulnerability would then be encryption to self since that's done more frequently. But you could use ephemeral keys as a nonce to generate a bogus shared secret.