
identityd: make backup copies of Node keypair or store it in a hardware vault

Open delandtj opened this issue 5 years ago • 3 comments

In case a node loses the disk where the Node Keypair is stored, there would be no other way than to re-register the node as a new one.

We should have a backup somewhere and verify at boot, that if we need to format the system disk, there are no backup copies of the keypair.

Questions:

  • where do we put backups?
  • to encrypt or not encrypt, that's the question

delandtj, Dec 06 '19 13:12

What if we used Vault? We can make it possible that the farmer can run his own instance of Vault on the threebot! It would make recovering his own keys even possible.

Let's say a farmer has the capability to initiate a backup for a specific node. In the farmer threebot he can authorize this request to store the node's keys in the vault.

If a node's keypair is wiped from a disk and the node reboots, it will generate a new keypair. What if the farmer could select this specific node and execute a restore from a specific key in the vault? This node would then receive a signed request to access this specific key in the vault and restore its keypair and nodeID!

DylanVerstraete, Oct 22 '20 14:10
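
A sketch of the signed restore request proposed in the comment above, as an added example that is not part of the thread or of zos itself. It assumes Ed25519 keys and a hypothetical JSON request format; the field names, function names and the vault path are invented for illustration, and proof that the caller actually holds the new node key (for example a signed challenge) is left out.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// RestoreRequest (hypothetical): farmer lets one fresh node key read one vault entry.
type RestoreRequest struct {
	VaultPath string `json:"vault_path"`
	NodeKey   []byte `json:"node_key"` // key the node generated after the wipe
	Expires   int64  `json:"expires"`  // Unix seconds
}

// SignRestore runs on the farmer side and returns the payload and its signature.
func SignRestore(farmer ed25519.PrivateKey, r RestoreRequest) (payload, sig []byte, err error) {
	if payload, err = json.Marshal(r); err != nil {
		return nil, nil, err
	}
	return payload, ed25519.Sign(farmer, payload), nil
}

// VerifyRestore runs on the vault side; the signature is checked before parsing.
func VerifyRestore(farmerPub ed25519.PublicKey, payload, sig, nodeKey []byte, path string, now time.Time) error {
	var r RestoreRequest
	if !ed25519.Verify(farmerPub, payload, sig) {
		return errors.New("bad farmer signature")
	}
	if err := json.Unmarshal(payload, &r); err != nil {
		return err
	}
	if r.VaultPath != path || !bytes.Equal(r.NodeKey, nodeKey) {
		return errors.New("request is bound to another entry or node key")
	}
	if now.Unix() > r.Expires {
		return errors.New("request expired")
	}
	return nil
}

func main() {
	fpub, fpriv, _ := ed25519.GenerateKey(nil) // constructed farmer key
	npub, _, _ := ed25519.GenerateKey(nil)     // constructed post-wipe node key
	exp := time.Now().Add(time.Minute).Unix()
	p, s, _ := SignRestore(fpriv, RestoreRequest{"nodes/example", npub, exp})
	fmt.Println(VerifyRestore(fpub, p, s, npub, "nodes/example", time.Now()))
}
```

Binding the request to the node's new public key, a single vault entry and an expiry means a captured request cannot be reused by another node, for another backup, or later.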

Maybe we can integrate this in a secure way for 3.0

DylanVerstraete, Mar 04 '21 15:03

TPM related?

xmonader, Nov 14 '22 08:11