I'm going to keep this one brief while I investigate it, rather than providing tons of context.
Unexpected (by me) behavior in repository_tool:
If some role A delegates to some role B, listing (public) key K as an expected key for role B, and any role currently has key K loaded, then regardless of whether or not role B has key K loaded, role B will be signed with key K when it (role B) is written.
I don't expect this behavior because when signing role B, role B's state should be the sole determinant of what keys it is signed by.
Same thing, put another way:
Scenario:
Given:
- Role A delegates * to role B, listing public key for Key K
- Any other role already has Key K loaded (via .load_signing_key()).
Result:
Role B is signed by key K when it is written, even though there was no B.load_signing_key(K) call.
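As an added illustration (not repository_tool's own code), a toy model of the two key-selection rules the report contrasts, generalised to any number of delegating roles; the `Role` class, `loaded_keyids`, `delegations` and the role/key names are constructed stand-ins:

```python
"""Toy model of signing-key selection for a delegated role (hypothetical, not tuf code)."""
from dataclasses import dataclass, field


@dataclass
class Role:
    name: str
    # keyids handed to this role via load_signing_key() (constructed attribute)
    loaded_keyids: set = field(default_factory=set)
    # delegated role name -> public keyids listed as expected for that role
    delegations: dict = field(default_factory=dict)


def delegated_keyids(roles, role_name):
    """Keyids that any delegating role lists as expected for role_name."""
    expected = set()
    for role in roles.values():
        expected |= role.delegations.get(role_name, set())
    return expected


def reported_signing_keys(roles, role_name):
    """Behaviour described in the issue: a keyid listed for the role by a delegation
    is used to sign if it is loaded on *any* role, plus the role's own loaded keys."""
    loaded_anywhere = set().union(*(r.loaded_keyids for r in roles.values()))
    own = roles[role_name].loaded_keyids
    return (delegated_keyids(roles, role_name) & loaded_anywhere) | own


def expected_signing_keys(roles, role_name):
    """Behaviour the reporter expects: only keys loaded on the role itself sign it."""
    return set(roles[role_name].loaded_keyids)


def unexpected_signatures(roles, role_name):
    """Keys that would sign under the reported behaviour but were never loaded on the role;
    an empty set means the two rules agree for this role graph."""
    return reported_signing_keys(roles, role_name) - expected_signing_keys(roles, role_name)


def build_scenario():
    """Constructed scenario from the report: A delegates '*' to B listing key K,
    and some other role C has K loaded; B itself never loaded K."""
    return {
        "A": Role("A", delegations={"B": {"K"}}),
        "B": Role("B"),
        "C": Role("C", loaded_keyids={"K"}),
    }
```

Running `unexpected_signatures(build_scenario(), "B")` returns `{"K"}`, which is the stray signature the report describes; unloading K from C makes it empty.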