i forget where i saw it implemented... maybe i even wrote an RPC recently that lets you do that unlock remotely so it never touches the disk... oh, no, it was my former sponsor... let me see... https://github.com/indra-labs/indra/tree/089a0df491fd76ac393875053625f9fd4fdbe140/pkg/storage uses protobuf - you will see the proto and the generated pb.go code in there. that is an unlocker that stays off-disk. a second best option is using an environment variable, you can protect that behind root privileges
This sounds super interesting. I’m not too familiar with Go or gRPC but would love to understand the mechanics of this off-disk unlock or remote signing. AFK right now but I’ll have a look later and might send a few questions.
it's pretty simple... just a different interface than keyboard input or a file or an environment variable. it was written as it was intended to be possible to avoid storing any sensitive data at rest on indra relays for the lightning network setup, probably should be paired with a lock signal as well that is easy to trigger