I don’t see any problems with handling this with a PR. The issue discussing the keychain integration is this:
After you create or locate an issue on Github, you can go here and register a bounty:
https://www.bountysource.com/teams/duplicati
Anyone can claim a bounty, simply send in a PR and once it is accepted, claim the prize on bountysource.