If so, how do we select single pubkey to calculate PeerId?
I think technically you can have as many key pairs as you want, but each would correspond to a different PeerId. So multiple key pairs is only really useful if you want multiple identities per node for some reason.
right now we can only associate one peer of (& key pair) per host. this may change in the future, though it’s not in the roadmap.
Support for multiple keypairs would be ideal, as this would give us better support to encrypt individual messages in addition to the signing we already perform. When proxying messages over an intermediary node, being able to encrypt the message for the target peer is important, and we want to avoid using the same keys.