Don't store the seed entropy, even if encrypted (password is in OS keystore). Instead store the derived key pairs directly. This will provide for added security (phone compromise is not necessarily a seed compromise any more). It will also make #1427 trivial.
Current idea is to use the persona table to store the generated keys (encrypting the privateKey of course) and DID.