In the .cyphr/README.md, it says:

Files in keys/ are encrypted copies of the (symmetric) data key, encrypted with different users' private keys.

As I understand the workflow, these files are encrypted with the public keys that users provide to the admin. Do I have that right?

Thanks for the helpful package.

Yes, you are of course correct, thank you. The admin has the public key and encrypts the symmetric key with that, the user can then decrypt it with their private key. I'd gladly accept a PR to update that, or will fix it later this week.