In the Bluetooth Light Controller example for the client, in provisioner.c
this beautiful comment can be found:
/* Provisioning encryption key storage (this is not how you should store your keys). */
static uint8_t m_public_key[NRF_MESH_PROV_PUBKEY_SIZE];
static uint8_t m_private_key[NRF_MESH_PROV_PRIVKEY_SIZE];
But how should keys be stored?