@TheFuzzStone Ok that's fine, then you have data encryption at rest. I was just commenting on the "separate your wallets from the host" part ... because, if your host gets compromised, in the sense that an attacker can copy arbitrary data and sniff keyboard strokes, then having a VM running on that host won't help because the attacker will see the password when you type it in.