I've got an idea for an app that would require it to keep a private key. If this key were compromised it would have severe security implications for the user.<p>I'm wondering how possible it would be to make such an app secure. What attack vectors should I be thinking about? Is this something that should only be attempted on a hardened handset... or not at all? Any ideas or feedback greatly appriciated.