diff --git a/keyer.go b/keyer.go
index 67a6618..b267d49 100644
--- a/keyer.go
+++ b/keyer.go
@@ -15,15 +15,20 @@ type Keyer interface {
 	Cipher
 }
 
-// Signer is an interface for signing events.
+// User is an entity that has a public key (although they can't sign anything).
+type User interface {
+	// GetPublicKey returns the public key associated with this user.
+	GetPublicKey(ctx context.Context) (string, error)
+}
+
+// Signer is a User that can also sign events.
 type Signer interface {
+	User
+
 	// SignEvent signs the provided event, setting its ID, PubKey, and Sig fields.
 	// The context can be used for operations that may require user interaction or
 	// network access, such as with remote signers.
 	SignEvent(ctx context.Context, evt *Event) error
-
-	// GetPublicKey returns the public key associated with this signer.
-	GetPublicKey(ctx context.Context) (string, error)
 }
 
 // Cipher is an interface for encrypting and decrypting messages with NIP-44
diff --git a/keyer/bunker.go b/keyer/bunker.go
index b46dd7e..96fef87 100644
--- a/keyer/bunker.go
+++ b/keyer/bunker.go
@@ -9,6 +9,8 @@ import (
 	"github.com/nbd-wtf/go-nostr/nip46"
 )
 
+var _ nostr.Keyer = (*BunkerSigner)(nil)
+
 // BunkerSigner is a signer that delegates operations to a remote bunker using NIP-46.
 // It communicates with the bunker for all cryptographic operations rather than
 // handling the private key locally.
diff --git a/keyer/encrypted.go b/keyer/encrypted.go
index 3520721..73d4567 100644
--- a/keyer/encrypted.go
+++ b/keyer/encrypted.go
@@ -9,6 +9,8 @@ import (
 	"github.com/nbd-wtf/go-nostr/nip49"
 )
 
+var _ nostr.Keyer = (*EncryptedKeySigner)(nil)
+
 // EncryptedKeySigner is a signer that must ask the user for a password before every operation.
 // It stores the private key in encrypted form (NIP-49) and uses a callback to request the password
 // when needed for operations.
diff --git a/keyer/manual.go b/keyer/manual.go
index c23283d..858c81a 100644
--- a/keyer/manual.go
+++ b/keyer/manual.go
@@ -6,6 +6,8 @@ import (
 	"github.com/nbd-wtf/go-nostr"
 )
 
+var _ nostr.Keyer = (*ManualSigner)(nil)
+
 // ManualSigner is a signer that delegates all operations to user-provided functions.
 // It can be used when an app wants to ask the user or some custom server to manually provide a
 // signed event or an encrypted or decrypted payload by copy-and-paste, for example, or when the
diff --git a/keyer/plain.go b/keyer/plain.go
index 1ca9db9..5018e7a 100644
--- a/keyer/plain.go
+++ b/keyer/plain.go
@@ -8,6 +8,8 @@ import (
 	"github.com/puzpuzpuz/xsync/v3"
 )
 
+var _ nostr.Keyer = (*KeySigner)(nil)
+
 // KeySigner is a signer that holds the private key in memory
 type KeySigner struct {
 	sk string
diff --git a/keyer/readonly.go b/keyer/readonly.go
index 3b0898b..c2d2e32 100644
--- a/keyer/readonly.go
+++ b/keyer/readonly.go
@@ -7,7 +7,26 @@ import (
 	"github.com/nbd-wtf/go-nostr"
 )
 
-// ReadOnlySigner is a Signer that holds a public key in memory and cannot sign anything
+var (
+	_ nostr.User   = (*ReadOnlyUser)(nil)
+	_ nostr.Signer = (*ReadOnlySigner)(nil)
+)
+
+// ReadOnlyUser is a nostr.User that has this public key
+type ReadOnlyUser struct {
+	pk string
+}
+
+func NewReadOnlyUser(pk string) ReadOnlyUser {
+	return ReadOnlyUser{pk}
+}
+
+// GetPublicKey returns the public key associated with this signer.
+func (ros ReadOnlyUser) GetPublicKey(context.Context) (string, error) {
+	return ros.pk, nil
+}
+
+// ReadOnlySigner is like a ReadOnlyUser, but has a fake GetPublicKey method that doesn't work.
 type ReadOnlySigner struct {
 	pk string
 }