feat: encrypt Stacks' store, keeping the encryption key in the macOS keychain #60

Open
cablehead opened this issue May 2, 2024 · 0 comments
Labels
help wanted Extra attention is needed privacy-security

cablehead commented May 2, 2024

Hopefully this is how the macOS keychain works:

Stacks automatically retrieves a stored key from the macOS Keychain upon system restart or user login, without requiring any user intervention, by using a predefined service and account name unique to Stacks. This process is secure because the Keychain item is protected by access controls that limit access solely to the Stacks application, preventing other apps or malware from accessing it. Additionally, macOS enforces application sandboxing and encrypts Keychain data, ensuring that even if unauthorized access to the machine occurs, the Keychain contents remain protected.

From @ntawileh:

Your use case is probably more user-centric, so you want to do login keychain. And yes, it can be retrieved without user interaction as long as the user is logged in, and it can/should also be scoped by the binary retrieving it so other apps running in the same user context cannot fetch it.

If successful, add this to the list of things to consider for Linux and Windows support.

@cablehead cablehead added the help wanted Extra attention is needed label Jun 4, 2024
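
An added example, not code from Stacks, of the get-or-create flow this issue describes, using the macOS `security` CLI against the login keychain. The service and account names and the function names are placeholders, and treating exit status 44 from `security` as "item not found" is an assumption.

```shell
#!/bin/sh
# Placeholder identifiers (assumed, not taken from the Stacks code base).
STACKS_KEY_SERVICE="${STACKS_KEY_SERVICE:-example.stacks.store-key}"
STACKS_KEY_ACCOUNT="${STACKS_KEY_ACCOUNT:-store-encryption-key}"

# 32 bytes from the kernel CSPRNG, hex-encoded (64 lowercase characters).
stacks_key_generate() {
    head -c 32 /dev/urandom | od -An -v -tx1 | tr -d ' \n'
}

# Print the stored key. Needs no user interaction while the login
# keychain is unlocked, which is the case for a logged-in user.
stacks_key_fetch() {
    security find-generic-password \
        -s "$STACKS_KEY_SERVICE" -a "$STACKS_KEY_ACCOUNT" -w 2>/dev/null
}

# Store key $1. Optional $2 is the path of the one binary allowed to read
# the item without a prompt (-T), scoping access to that binary.
# Caveat: -w puts the key in this process's argument list for a moment;
# a native app would call the Keychain Services API instead.
stacks_key_store() {
    if [ -n "${2:-}" ]; then
        security add-generic-password -s "$STACKS_KEY_SERVICE" \
            -a "$STACKS_KEY_ACCOUNT" -T "$2" -w "$1"
    else
        security add-generic-password -s "$STACKS_KEY_SERVICE" \
            -a "$STACKS_KEY_ACCOUNT" -w "$1"
    fi
}

# Print the existing key, or create one only when the item is absent.
# Any other failure (locked keychain, access denied) is returned as an
# error: generating a fresh key there would orphan the encrypted store.
stacks_key_get_or_create() {
    key=$(stacks_key_fetch) && rc=0 || rc=$?
    case $rc in
        0)  ;;
        44) key=$(stacks_key_generate)          # assumed: 44 = not found
            stacks_key_store "$key" "${1:-}" || return 1 ;;
        *)  return "$rc" ;;
    esac
    # Reject anything that is not exactly 64 lowercase hex characters.
    case $key in ''|*[!0-9a-f]*) return 1 ;; esac
    [ "${#key}" -eq 64 ] || return 1
    printf '%s\n' "$key"
}
```
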