pub fn read_keyring(account: &str) -> Result<Option<String>, KeyError>Expand description
Read a keyring password by account name, distinguishing “not set”
(Ok(None)) from a backend failure (Err). An empty stored value is
treated as not set. Public so host apps read their own namespaced
credentials with the same not-set/failure semantics.
Silently collapsing backend errors into None would mask the corrupt-
local-identity case (a missing key looks identical to a broken keyring),
which is the worst failure mode for security-sensitive surfaces.