Protecting cookies and other sensitive data using asymmetric encryption

[snshn]

Currently cookies are stored as-is, and it's not secure at all, especially in case if somebody finds the user's backup of Liquid App config files (.ini). Both localStorage and cookies can be encrypted using asymmetric or some other type of encryption. Here's a quick rundown:

• 1. Upon first run, Liquid should generate a unique encryption key or set of public/private keys and store them in ~/.config/liquid/liquid.conf
• 2. Whenever a cookie or any other type of sensitive information is stored in any of the apps by that user, the encryption key is used to encrypt and save it within ~/.config/liquid/apps/some-app.ini file
• 3. Without prompting the user, use the same key to restory some-app's cookies and localStorage data the next time the app starts

This will prevent sessions from traveling along with Liquid App config/data (.ini) files, but at the same time minimize chance of accidentally leaking them. Leaking either config.conf or any of the app configs won't pose a danger, unless both are leaked at the same time. Could be an optional feature, for the user to choose to either protect their cookies or not (on per-app basis).

[snshn]

This would likely over-complicate the code, make the concept of the program harder to understand, and prevent liquid app config files from being portable. Portable but password-protected is better than non-portable and non-password-protected, but with automatically encrypted cookies.