Currently, enabling the decryption key HTTP endpoint (e.g., for /decryption-key) also enables other sensitive admin endpoints such as /shutdown and /trigger-decryption. This poses a risk when asking decentralized keypers to expose the decryption key endpoint to the public.

We need to introduce separate config flags to enable or disable each endpoint (or group of endpoints) individually.