Problem
Our documentation currently includes multiple examples using --encrypt-keystore false, which disables keystore encryption. This is not a good security practice that should be recommended in our guides.
Affected Files
Based on a codebase scan, the following files contain this flag:
- README.md (2 occurrences)
- AGENTS.md (3 occurrences)
- docs/docs/users/guides/methods_filtering.md (1 occurrence)
- docs/docs/users/getting_started/install.md (2 occurrences)
- docs/docs/developers/guides/trace_call_guide.md (2 occurrences)
- docs/docs/developers/guides/state_migration_guide.md (4 occurrences)
Total: 14 occurrences across 6 files
Proposed Solution
Remove --encrypt-keystore false from all documentation examples. For headless/automation scenarios, we should instead recommend:
- Using the
FOREST_KEYSTORE_PHRASE environment variable
- Referencing secure secrets management approaches (e.g., systemd-creds)
Context
Problem
Our documentation currently includes multiple examples using
--encrypt-keystore false, which disables keystore encryption. This is not a good security practice that should be recommended in our guides.Affected Files
Based on a codebase scan, the following files contain this flag:
Total: 14 occurrences across 6 files
Proposed Solution
Remove
--encrypt-keystore falsefrom all documentation examples. For headless/automation scenarios, we should instead recommend:FOREST_KEYSTORE_PHRASEenvironment variableContext
Forest.EthTraceCall#6412Forest.EthTraceCall#6412 (comment)