i forget where i saw it implemented... maybe i even wrote an RPC recently that lets you do that unlock remotely so it never touches the disk... oh, no, it was my former sponsor... let me see...

GitHub

indra/pkg/storage at 089a0df491fd76ac393875053625f9fd4fdbe140 · indra-labs/indra

Distributed Virtual Private Network Powered By Bitcoin Lightning - indra-labs/indra

uses protobuf - you will see the proto and the generated pb.go code in there, that is an unlocker that stays off-disk a second best option is using an environment variable, you can protect that behind root privileges