Describe the enhancement

Per bitcoindevkit/bdk#1948, encrypting to disk is a desirable property for bindings users. In Rust, this is possible by using either rusqlite:bundled-sqlcipher or rusqlite:bundled-sqlcipher-vendored-openssl, which allows for a sqlite connection to be encrypted by using a pragma_update step.

let conn = Connection::open(PATH).unwrap();
conn.pragma_update(None, "MY_KEY", "MY_SECRET").unwrap();

While the bdk_wallet does not ship with this by default, it's trivial to just add the additional "bundled-sqlcipher-vendored-openssl" feature to a rusqlite import, so I would consider this completed.

Use case

Apparently there is some history of viruses/trojans snooping around for wallet.dat files. Either way, @andreasgriffin has at least made a case for encrypting user data multiple times, and it would be nice to have feature parity with Rust in this regard.

Additional context

The minreq client currently ships with rustls, and I recall somehow that the native-tls crate was a problem for bindings? If it was the case that minreq shipped with native-tls and rusqlite shipped with bundled OpenSSL, they should be able to share the OpenSSL implementation, but I will have to research both the binary size changes and if it is possible to link a shared openssl-sys dependency between minreq and rusqlite