Hello everybody.
I am a newbie with Vault.
And what I wonder is whether it is really safe to save wallet information .env using vault.
If I use vault, then we will keep the data (wallet information) on central database.
And we will fetch this information in app.
Let’s assume I use node.js app with vault for sensitive data.
And what if an attacker crack into the app process, then he will see the wallet information?
Since in this process, we fetch the wallet information from vault db, so the ones who crack into process, also see the wallet info.
I used the policy “read”.
Can anybody explain this scenario?
Thank you.