An Ed25519 key pair is generated on first use via OS entropy. The signing key and verifying key are stored as hex-encoded files at ~/.ledgerful/keys/private.key and ~/.ledgerful/keys/public.pem (Windows: %USERPROFILE%\.ledgerful\keys\). The SOC2 evidence ZIP is generated entirely from local data; the manifest, signature, hashes, ledger CSV, verification history, and ADR files never leave the host during export.
Hardware-backed key storage, hosted KMS, SSO/SCIM, and RBAC are enterprise planned. They require the future hosted control plane and are not implemented in the local daemon.