Design doc: Add support for satellite-managed encryption passphrases

[mobyvb]

We have users who are interested in using distributed storage, but may not be interested in saving and managing their own encryption passphrases.

Goal: make it possible for a newly-created project to store necessary encryption credentials in the satellite database, so that user never needs to enter an encryption passphrase when creating an access grant, setting up uplink, viewing files in the satellite UI, etc...

• This may require a backwards-incompatible uplink change, which needs to be discussed
• the satellite UI will need to be updated so that user is not unnecessarily/incorrectly prompted for passphrase if a project was created in this way
• files are still stored the same way from a metainfo/storagenode perspective. The only difference is that the satellite is capable of deriving the encryption key from the DB, rather than requiring the user to provide a passphrase.

AC:

• write a brief overview of the necessary work to implement the above, with focus on:
  • satellite database schema updates that are necessary
  • how and where encryption passphrase should be derived if project is set as "satellite-managed" (uplink vs. satellite?)
  • how will uplink backwards compatibility be affected if we make this change?
• cc @ferristocrat when it is ready for code review
• it should also be reviewed by:
  • two engineers on the Console team
  • one representative from the Satellite team
  • one representative from the Delivery team

[mobyvb]

TODO: link to designs and roadmap items
storj/roadmap#94

[storjrobot]

This issue has been mentioned on Storj Community Forum (official). There might be relevant details there:

https://forum.storj.io/t/how-to-avoid-edited-tag-in-posts/25050/17