Two bits of boolean state are introduces to track whether or not:
- an error has occurred
- accounts have been loaded from storage yet
This change paves the way for having error handling UX.
With this change token secrets are encrypted prior to writing them to
storage, and decrypted as and when needed to generate tokens. Additional
validation is performed to verify that token secrets can be decrypted
successfully when loading accounts from storage.
With this change issue #6 should finally be resolved.
With this change an unlock stage is introduced to loading account storage.
Key derivation parameters for a master key are recorded, and the master
password may be supplied to "unlock" the account secret(s) in storage.
This change paves the way for actually decrypting encrypted account
secrets later, and finally solving issue #6.