-2
I am looking at Ripple API overview, and it looks to take a different approach from Bitcoin as to handling one's private keys. In Bitcoin, one requires to use a wallet and often a password to that wallet to create transactions. In Ripple, it looks like transactions that require one's private key need to have it passed as a parameter in a given JSON call (for example, the sign message). Does this mean that rippled does not store any information about a given user or a company that hosts it and connects to it? I do see a wallet.db file in the database folder, but I'm not sure what it's used for.
The "sign" API is only meant to be used if you happen to have a local trusted rippled and a secure connection to it. Real clients should instead sign transactions themselves. – dchapes – 2013-11-01T18:58:18.030