Having spent a while trying to understand it, I believe the keys are serving a dual purpose as an encryption key and as a stable identifier along the lines of a session cookie that might be used for a WebRTC video call.

Here's my summary from Lobste.rs, keeping in mind I'm not an expert and only found this project today:

> [..] this is closer to an opinionated WebRTC setup that handles assigning a persistent ID to clients. All the work of making a signaling server is taken care of and the solution is generic enough and cheap enough to run that you can get away with using a community hosted one. Kinda similar to what you get with Steam’s proprietary p2p gamenetworkingsocket infrastructure

https://lobste.rs/s/cslljn/iroh_1_0_dial_keys_not_ips#c_s3na...