Yes I agree, the community is unlike anything I’ve ever seen.
Your questions are spot on, imho. Have fun digging deeper 
The client (I think it’s the authenticator now?) is what self-encrypts (hashes and splits) the data with two private keys in the first place, so only the client which has the keys will be able to find the chunks on the network and put them back together.
I assume that also goes for the second round of encryption that @neo has mentioned?
edit
Btw I’ve just discovered this.