Principal Service: Add support for multiple user accounts

services/vanadium/security/wire_blessings.go

Index: services/vanadium/security/wire_blessings.go
diff --git a/services/vanadium/security/wire_blessings.go b/services/vanadium/security/wire_blessings.go
index b724000ceea1ea593829cdf62295e17b982a2a1c..a4bad521c4b2482667795ff6514bfb2549184722 100644
--- a/services/vanadium/security/wire_blessings.go
+++ b/services/vanadium/security/wire_blessings.go
@@ -57,8 +57,10 @@ type caveat struct {
 func newBlessing(wb *wireBlessings) *vpkg.Blessing {
 	// TODO(ataly, gauthamt): Below we only consider the first certificate chain
 	// in the wireBlessings object. We should handle the case when the wireBlessings
-	// object has more than one certificate chain.
-	// TODO(ataly, gauthamt): We should validate all caveats present in the certificates.
+	// object has more than one certificate chain. This issue would become moot
+	// if the vpkg.Blessing type matched the wireBlessing type.
+	// TODO(ataly, gauthamt): We should validate all caveats present in the
+	// certificates.
 	var chain []vpkg.Certificate
 	for _, c := range wb.CertificateChains[0] {
 		chain = append(chain, vpkg.Certificate{Extension: c.Extension})