I just want to say that ORCA author, Devine Lu Linvega[1], is such a talented and creative person. He build complete ecosystem with it's own language, drag & drop theme support[2] and human readable DB format[3].
He and his girlfriend (cartoonist) Rekka Bell are sailing the ocean and working from their sailboat Pino[4].
Worth to mention that Brazil charged Intercept co-founder Glenn Greenwald with cybercrime charges similar to Assange.
The guy who first met Snowden in HK with Laura Poitras.
Even if it looks like they have "postponed" prosecution for now.
This is really interesting project. I have closed the webpage at first, because I thought it is closed source, but then found your repository on a github.
I do not want to make some promo for other projects, but how you achieve trust with the signed list of fingerprints, is something similar I have read earlier there: https://tech.firstlook.media/keylist-rfc-explainer
Shameless plug: For anybody interested in the cryptographic key management part there is a post about the hardware, people and processes behind the commercial cryptographic key management
https://www.malgregator.com/key-management.html
I really do not understand your frustration. We are running 5 node cluster in production with the keepalived and nobody needs to wake up unsealing if one, or two instances fail. Perfectly good to do it in the morning by copy pasting curl oneliner from the keepass.
If you are interested on day to day work in financial cryptography and hardware encryption modules, check:
https://www.malgregator.com/post/key-management/
Some predictions on future malware development (some of them confirmed by now):
https://www.malgregator.com/post/the-future-of-malware/the-f...
Or using modern smartcards like Yubikey with DevOps tools (Vault) by leveraging ancient technologies like pkcs11:
https://www.malgregator.com/post/vault-authentication-with-y...