We currently save all encrypted state using a key derived from the passphrase that the node operator selects.
We are using eventsourcing now however so we should attempt to add some forward secrecy.
We should use E3 keys that are saved encrypted in a KV store but then purged once an E3 round is finalized
We currently save all encrypted state using a key derived from the passphrase that the node operator selects.
We are using eventsourcing now however so we should attempt to add some forward secrecy.
We should use E3 keys that are saved encrypted in a KV store but then purged once an E3 round is finalized