At-rest encryption is not something that Signal Desktop is currently trying to provide or has ever claimed to provide. Full-disk encryption can be enabled at the OS level on most desktop platforms.

That’s how encryption keys are typically stored.

If someone has enough access to your system that they can get to your stored encryption keys, you have much bigger problems.

Next in the news: cloud infrastructure engineer had ssh keys in plain text on their MacBook exposing 99999 servers! Everything you ever stored on the internet is potentially compromised!