...
| Warning | ||
|---|---|---|
| ||
Don't put keys in rulesets that are publicly hosted, on Github, for example. Any ruleset containing keys must be carefully stored so that only authorized parties can see them. See the Security Considerations section of the KRL documentation on |
But, putting the keys in the ruleset means that it can't be publicly hosted and we have to take special care to ensure the keys aren't exposed. Consequently, best practice is to store keys in a module specifically designed for keys. That way, you only have to be careful with modules you are aware have keys.
...