Use the https://www.npmjs.com/package/secp256k1 package to create and save a key pair to uniquely identify an xud node and to sign/verify messages and orders. Look into how this key can be saved to disk in an encrypted format.
What's the common security practice of saving private keys in most wallet applications?
Why a plain disk file and not the database?
And if it's encrypted, where will the encryption key be saved?
I'm most familiar with keys and other sensitive data being encrypted and saved to disk. The database is an option, but it's not something we'll be needing to query on any regular basis. I'm thinking it is decrypted on start and then kept in memory as long as xud is running. The encryption key wouldn't be saved, just remembered like a password.
Agree with Daniel's answer.
Then each xud launch will require a password input, if the user has one, and if he doesn't then a new private/public key pair will be created in accordance with a new password for him?
Yeah, I think launching on the first run would generate a new key and prompt the user to provide an optional encryption password. If the user provides a password, they'd need to enter it each time xud is started.
Close? @sangaman
I'll close when the encryption is merged.
Encryption part moved to Alpha: https://github.com/ExchangeUnion/xud/issues/184
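
The flow discussed in this thread (generate a key on first run, optionally encrypt it with a user password, decrypt it on start and keep it in memory), as an added example that is not xud's code. It assumes Node's built-in `crypto` module (`createECDH('secp256k1')`, scrypt, AES-256-GCM) in place of the secp256k1 npm package; the function names and the JSON file layout are hypothetical.

```javascript
// Added example (not xud's implementation). Function names and file layout are assumptions.
const crypto = require('crypto');
const fs = require('fs');

// scrypt cost parameters; maxmem raised because N=2^15, r=8 needs 32 MiB
const SCRYPT = { N: 2 ** 15, r: 8, p: 1, maxmem: 64 * 1024 * 1024 };
const hex = (s) => Buffer.from(s, 'hex');

// First run: create the secp256k1 key pair that identifies the node.
function generateNodeKey() {
  const ecdh = crypto.createECDH('secp256k1');
  ecdh.generateKeys();
  return { privKey: ecdh.getPrivateKey(), pubKey: ecdh.getPublicKey(null, 'compressed') };
}

// Recompute the public key (node identity) from a loaded private key.
function pubKeyOf(privKey) {
  const ecdh = crypto.createECDH('secp256k1');
  ecdh.setPrivateKey(privKey);
  return ecdh.getPublicKey(null, 'compressed');
}

// The password is optional, as in the thread: without one the key is stored in the clear.
// With one, the AES key is derived from it and never written to disk.
function saveNodeKey(file, privKey, password) {
  let rec = { encrypted: false, key: privKey.toString('hex') };
  if (password) {
    const salt = crypto.randomBytes(16);
    const iv = crypto.randomBytes(12);
    const aesKey = crypto.scryptSync(password, salt, 32, SCRYPT);
    const cipher = crypto.createCipheriv('aes-256-gcm', aesKey, iv);
    const data = Buffer.concat([cipher.update(privKey), cipher.final()]);
    rec = { encrypted: true, salt: salt.toString('hex'), iv: iv.toString('hex'),
      tag: cipher.getAuthTag().toString('hex'), key: data.toString('hex') };
  }
  fs.writeFileSync(file, JSON.stringify(rec), { mode: 0o600 }); // owner-only on POSIX
}

// Every start: read the file and, if it is encrypted, decrypt with the entered password.
function loadNodeKey(file, password) {
  const rec = JSON.parse(fs.readFileSync(file, 'utf8'));
  if (!rec.encrypted) return hex(rec.key);
  if (!password) throw new Error('key file is encrypted: password required');
  const aesKey = crypto.scryptSync(password, hex(rec.salt), 32, SCRYPT);
  const decipher = crypto.createDecipheriv('aes-256-gcm', aesKey, hex(rec.iv));
  decipher.setAuthTag(hex(rec.tag));
  // final() throws when the tag fails to verify: wrong password or a modified file
  return Buffer.concat([decipher.update(hex(rec.key)), decipher.final()]);
}
```

Because GCM authenticates the ciphertext, a wrong password and a tampered key file both surface as the same decryption error instead of yielding a different, silently accepted node identity.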