Collections still have a unique encryption key (their collection key), and items
just have a unique key per item in a collection that's derived from the main key
and if we ever want to share items across collections or do something fancy like
that we can just add an encrypted key in there.
Each collection now has an item and the item's UID is the collections
UID. This lets us manipulate collections just like items, and as part of
transactions. This is significant because it lets us change them as part
of transactions!
Without this, it would be sufficient to steal an auth token to render the account
unusable because it would be possible to just reset the encrypted content
of the account. With this change we require the user to actually know
the account password in order to do it.