Proton exposing email with Simplelogin if attach public key enabled

Yeah, this has annoyed me for a while; I similarly assume emails you send using aliases will be signed by your private key, and I assume that either explicitly exposes the email, implicitly exposes the email to any party willing to just try a bunch of public keys (which can be obtained at https://api.protonmail.ch/pks/lookup?op=get&search=<EMAIL_ADDRESS>), or at least leads to some confusion for people.

(this is all implied to be in the situation where you have proton sign your emails… which frustratingly only exists as a global toggle)