Key Management

Key Management - Backend

Location: backend-veri-wallet/data/keypair.json
Algorithm: AES-256-GCM with a 32-byte key derived via scrypt from KEYPAIR_PASSPHRASE
Passphrase: KEYPAIR_PASSPHRASE (environment variable, required). Without it, the service will refuse to start.
Startup behavior: The service encrypts and persists the keypair using the passphrase. On subsequent starts, it decrypts the envelope into memory.

Using `KEYPAIR_PASSPHRASE`

Set the passphrase in your environment before starting the service:

export KEYPAIR_PASSPHRASE="strong-passphrase"
npm run start:dev   # or npm run start / start:prod

Use a strong, secret value (do not commit it). In production, inject it via your secrets manager or deployment environment, not in code or version control.

Key Management - Backend​

Using KEYPAIR_PASSPHRASE​

Key Management - Backend

Using `KEYPAIR_PASSPHRASE`