Periodically we should discard old keys for data that is no longer needed. This way if a sgx vulnerability occurs later, it doesn't affect data that came before
[ ] collect evidence if a kettle has discarded old keys
[ ] give nodes an incentive for doing this
[ ] come up with a way to migrate persistent state. It's hard to iterate over everything
Periodically we should discard old keys for data that is no longer needed. This way if a sgx vulnerability occurs later, it doesn't affect data that came before