We want to remove all innner ring queries to authenticate owner by public keys. Therefore we put public keys into session token. Later public keys could be gathered with NeoID or other centre of authority.