Must we recalculate so much cryptography on startup?

When we load our microdescs from sqlite, we find that they are indexed by their sha256 digests. Nonetheless, we recompute those digests on startup.

Similarly, when we reload a consensus from the store, we re-compute its digest and re-check its signatures.

This is likely the main reason that sha256 appears in our startup profiles. Should we consider having a mode where we don't re-verify these documents on reload?

This might be a security risk if we assume an adversary with write access to our cache. But if the adversary has write access to the cache, they probably can write to our other files too, which is probably sufficient to pwn us.

This is not a priority item for %Arti 1.0.0: Ready for production use.