Change the way we encrypt wallets locally

[ValentinTrinque]

The wallet is encrypted by using the passphrase directly. That passphrase may not have a high enough entropy to secure the wallet. You should use more appropriate mechanism for that.

Standard

Gold standard of KDF is Argon2id, but something like PBKDF2 are better than nothing

Format

MAGIC_BYTES || U16(version) || KDF_SETTINGS || CIPHERTEXT || AUTH_TAG || CHECKSUM

Then:

• can check the magic bytes to know the file is correct "format"
• check then version to see that it's something your decryption algorithm understands
• get settings for the key derivation function
• have cipher text and a authentication tag
• include a checksum if for a belt and suspenders approach.

We have to account for the following features support:

• https://github.com/vegaprotocol/vega/issues/7623

[ValentinTrinque]

This will need careful review from @emilbayes