How to resolve "Some processes can't access unlocked encrypted files"?

[BigGitWorld]

Hello. I'm using fscrypt to be able to encrypt /home/pi directory in a raspberry-pi with a raspbian OS. The encryption works well, but I need to run an application located in the /home/pi directory automatically when the OS is booted. Therefore I have a command to run my app in the /etc/profile file and it will be run at the boot time. But this process does not work after encryption, because fscrypt changes all files and directories name in the /home/pi. So how can I solve this problem?

[ebiggers]

If you're trying to run the application before the directory containing it has been unlocked, that's obviously not possible. If you're trying to run it when the directory is unlocked and it is still not working, see https://github.com/google/fscrypt#some-processes-cant-access-unlocked-encrypted-files.

[BigGitWorld]

The application works if I unlock it first. But how can I provide the encryption key so that nobody can read it in the sd card?I was thinking about hardware-based encryption to be able to save the encryption key in the raspberry pi. can anyone suggest me a solution?