Hash verification draft
Condensation's security model relies on the verification of hashes when retrieving objects from a store. If hashes are not verified, malicious data modification will remain unnoticed.
However, hash verification also entails a computational overhead. While SHA256 is a fairly fast and efficient algorithm, hash verification will consume additional energy and time.
Hence, hash verification (e.g. through chaining a hash verification store) should be used consideredly. As a rule of thumb, hash verification should be done for remote stores, but not for local stores.
Hash verification will not add any security if the attacker has access to the private key. This is typically the case on the applications's device, where the application – by design – needs to have access to the private key.
Exceptions are high-security settings, where the private key remains in a protected area, while the store is easily accessible. Conceptually, one could consider this a remote store (relative to the private key).
For remote stores, hashes should always be verified inside the application.