diff --git a/pkg/crypto/api.go b/pkg/crypto/api.go
index c67417f58..f421fad2a 100644
--- a/pkg/crypto/api.go
+++ b/pkg/crypto/api.go
@@ -25,26 +25,6 @@ type Impl interface {
 	// Storing and using the private key is completely implementation-dependent.
 	Sign(data [][]byte) ([]byte, error)
 
-	// RegisterNodeKey associates a public key with a numeric node ID.
-	// The representation of the key is implementation-dependent.
-	// Calls to VerifyNodeSig will fail until RegisterNodeKey is successfully called with the corresponding node ID.
-	// Returns nil on success, a non-nil error on failure.
-	RegisterNodeKey(pubKey []byte, nodeID t.NodeID) error
-
-	// RegisterClientKey associates a public key with a numeric client ID.
-	// The representation of the key is implementation-dependent.
-	// Calls to VerifyClientSig will fail until RegisterClientKey is successfully called with the corresponding client ID.
-	// Returns nil on success, a non-nil error on failure.
-	RegisterClientKey(pubKey []byte, clientID t.ClientID) error
-
-	// DeleteNodeKey removes the public key associated with nodeID from the module's state.
-	// Any subsequent call to VerifyNodeSig(..., nodeID) will fail.
-	DeleteNodeKey(nodeID t.NodeID)
-
-	// DeleteClientKey removes the public key associated with clientID from the module's state.
-	// Any subsequent call to VerifyClientSig(..., clientID) will fail.
-	DeleteClientKey(clientID t.ClientID)
-
 	// VerifyNodeSig verifies a signature produced by the node with numeric ID nodeID over data.
 	// Returns nil on success (i.e., if the given signature is valid) and a non-nil error otherwise.
 	// Note that RegisterNodeKey must be used to register the node's public key before calling VerifyNodeSig,
diff --git a/pkg/crypto/pseudo.go b/pkg/crypto/pseudo.go
index 6ae1442bf..956c9384c 100644
--- a/pkg/crypto/pseudo.go
+++ b/pkg/crypto/pseudo.go
@@ -46,7 +46,7 @@ func NodePseudo(nodes []t.NodeID, clients []t.ClientID, ownID t.NodeID, seed int
 	}
 
 	// Look up the own private key and create a CryptoImpl module instance that would sign with this key.
-	var c Impl
+	var c *DefaultImpl
 	for i, id := range nodes {
 		if id == ownID {
 			if c, err = NewDefaultImpl(nodePrivKeys[i]); err != nil {
@@ -96,7 +96,7 @@ func ClientPseudo(nodes []t.NodeID, clients []t.ClientID, ownID t.ClientID, seed
 	}
 
 	// Look up the own private key and create a CryptoImpl module instance that would sign with this key.
-	var c Impl
+	var c *DefaultImpl
 	for i, id := range clients {
 		if id == ownID {
 			if c, err = NewDefaultImpl(clientPrivKeys[i]); err != nil {
@@ -149,7 +149,7 @@ func generateKeys(numKeys int, randomness io.Reader) (privKeys [][]byte, pubKeys
 // nodes and nodePubKeys must have the same length.
 // The analogous happens for client keys, using c.RegisterClientKey.
 func registerPubKeys(
-	c Impl,
+	c *DefaultImpl,
 	nodes []t.NodeID,
 	nodePubKeys [][]byte,
 	clients []t.ClientID,