Secure Key Store
Component Detail
Infrastructure, medium complexity, mobile
Dependencies: 0, Dependents: 0, Entities: 1, Integrations: 0
Description
Flutter Secure Storage wrapper that persists asymmetric private keys in the platform secure enclave: Keychain on iOS and Android Keystore on Android. Provides a typed interface for key CRUD operations and ensures private key material is never written to unencrypted storage or transmitted over the network.
secure-key-store
Sources & reasoning
Private keys must never leave the device or be stored in plaintext. Flutter Secure Storage backed by Keychain/Keystore is the only platform-appropriate storage for this material. Wrapping it in a dedicated infrastructure component isolates the security boundary and prevents accidental key exposure in other layers.
No source references — this artifact was included based on reasoning alone (see above).
Responsibilities
- Write private key bytes to Flutter Secure Storage under a tenant-scoped key
- Read private key for decryption operations without exposing raw bytes beyond the Encryption Service
- Delete key on account removal or tenant change
- Guard against key material appearing in logs, crash reports, or network calls
Interfaces
storePrivateKey(tenantId, keyBytes) → Future<void>
loadPrivateKey(tenantId) → Future<Uint8List?>
deletePrivateKey(tenantId) → Future<void>
hasPrivateKey(tenantId) → Future<bool>
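
A sketch of how the four interface methods could sit on top of the `flutter_secure_storage` plugin, added here as an example and not taken from the project's own code. The class name, the `private_key.` entry prefix and the tenant id pattern are assumptions; the bytes are base64-encoded because the plugin stores string values.

```dart
import 'dart:convert';
import 'dart:typed_data';

import 'package:flutter_secure_storage/flutter_secure_storage.dart';

/// Illustrative wrapper (hypothetical class name), not the project's code.
class SecureKeyStore {
  SecureKeyStore({FlutterSecureStorage? storage})
      : _storage = storage ?? const FlutterSecureStorage();

  final FlutterSecureStorage _storage;

  // Assumed tenant id format; anything else is rejected before it can
  // become part of a storage entry name.
  static final RegExp _validTenantId = RegExp(r'^[A-Za-z0-9_-]{1,64}$');

  // Assumed naming scheme: one entry per tenant.
  String _entryName(String tenantId) {
    if (!_validTenantId.hasMatch(tenantId)) {
      // Error text carries no input and no key data, so it is safe to log.
      throw ArgumentError('invalid tenantId');
    }
    return 'private_key.$tenantId';
  }

  Future<void> storePrivateKey(String tenantId, Uint8List keyBytes) async {
    if (keyBytes.isEmpty) throw ArgumentError('empty key');
    await _storage.write(
        key: _entryName(tenantId), value: base64Encode(keyBytes));
  }

  Future<Uint8List?> loadPrivateKey(String tenantId) async {
    final encoded = await _storage.read(key: _entryName(tenantId));
    if (encoded == null) return null; // no key stored for this tenant
    try {
      return base64Decode(encoded);
    } on FormatException {
      // Corrupt entry: report it without including the stored value.
      throw StateError('stored private key is not valid base64');
    }
  }

  Future<void> deletePrivateKey(String tenantId) =>
      _storage.delete(key: _entryName(tenantId));

  Future<bool> hasPrivateKey(String tenantId) =>
      _storage.containsKey(key: _entryName(tenantId));
}
```

The intermediate base64 `String` is immutable in Dart and cannot be zeroed, so only the returned `Uint8List` can be overwritten by the caller after use.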