Tapmydata

2018
Tap makes it simple to see what personal data organisations hold about you, and then act on it. I built out their web app, API and end-to-end encryption using tech like Sodium, Stellar, Laravel and Vue.

Secure end-to-end

Client-side encryption

The idea was always that end-users would communicate with the Tap backend exclusively using encrypted data. Anything they send would be encrypted using a private key stored on their device (Android / iOS), and anything they receive would only be decryptable by them.

However, the companies would interact with a web app rather than a mobile app, so there's no secure store for a private key, and given they're an organization rather than an individual, they'd probably have multiple users too.

The initial design concept was based around Tap hosting the keys for the company, and acting as a trusted source in the system. However, as I looked into the options available it became clear that libsodium was totally workable on the frontend, in the browser, so the problem was limited to securely serving them the private key.

The design we went for in the end was to use AES to encrypt the Sodium private key client-side with a passphrase that never leaves the browser. This allowed Tap to store the encrypted private key and serve it up to any team member of the organization without being able to decrypt the data itself. All a team member needs to do is enter the passphrase after signing in.
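The passphrase wrapping described above, as an added example that is not Tap's own code. The page only says "AES" and "passphrase", so the key derivation (PBKDF2-SHA-256), the AES mode (AES-256-GCM), the iteration count and all function names are assumptions made here.

```javascript
// Added example: wrap a private key under a passphrase using WebCrypto.
// Assumptions (not from the page): PBKDF2-SHA-256 as KDF, AES-256-GCM as AES mode.
const webCrypto = globalThis.crypto ?? require('node:crypto').webcrypto; // Node fallback
const subtle = webCrypto.subtle;
const PBKDF2_ITERATIONS = 600000; // assumed work factor

const toB64 = (bytes) => btoa(String.fromCharCode(...bytes));
const fromB64 = (s) => Uint8Array.from(atob(s), (c) => c.charCodeAt(0));

// Derive a non-extractable AES-256-GCM key from the passphrase and a salt.
async function deriveWrappingKey(passphrase, salt) {
  const material = await subtle.importKey(
    'raw', new TextEncoder().encode(passphrase), 'PBKDF2', false, ['deriveKey']);
  return subtle.deriveKey(
    { name: 'PBKDF2', hash: 'SHA-256', salt, iterations: PBKDF2_ITERATIONS },
    material, { name: 'AES-GCM', length: 256 }, false, ['encrypt', 'decrypt']);
}

// Runs in the browser. The returned object is all the server ever stores:
// salt, IV and ciphertext. The passphrase and derived key stay client-side.
async function wrapPrivateKey(passphrase, privateKey) {
  const salt = webCrypto.getRandomValues(new Uint8Array(16)); // fresh per wrap
  const iv = webCrypto.getRandomValues(new Uint8Array(12));   // fresh per wrap
  const key = await deriveWrappingKey(passphrase, salt);
  const ct = await subtle.encrypt({ name: 'AES-GCM', iv }, key, privateKey);
  return { salt: toB64(salt), iv: toB64(iv), ciphertext: toB64(new Uint8Array(ct)) };
}

// Runs after sign-in, once the team member has typed the passphrase.
// A wrong passphrase or a tampered blob fails the GCM tag check and rejects.
async function unwrapPrivateKey(passphrase, blob) {
  const key = await deriveWrappingKey(passphrase, fromB64(blob.salt));
  const pt = await subtle.decrypt(
    { name: 'AES-GCM', iv: fromB64(blob.iv) }, key, fromB64(blob.ciphertext));
  return new Uint8Array(pt);
}
```

Because the stored blob can be attacked offline by anyone who obtains it, the strength of this scheme rests on the passphrase and the KDF work factor.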

References

Steve has an innate technical ability which is given further strength by his level of experience and general desire to do a good job. I have enjoyed working with Steve over and above many others because of his ability to gauge when a problem needs to be solved right and when a problem needs to be solved quickly. He always strives to do an excellent job regardless and makes the right engineering decisions. He learns new technology at an exceptional rate and is often the go-to person to solve a technical challenge. As a team player, Steve appears equally happy to integrate with an existing team and roll his sleeves up directly working on a project, help mentor less experienced developers, or lead a project as a technical oversight. I have always been happy taking Steve into customer meetings safe in the knowledge that he will answer questions in a composed and accurate manner whilst not being afraid to give his opinion on technical issues. Steve is well liked and highly respected by his colleagues from all areas of the business. I will miss working with Steve and am confident in recommending him for any technical position.

Tom Holder, Technical Director at Simpleweb