Does zwave store security keys in Non-Volatile-Memory?

[Xander-MartinLvl]

Hey All,
I'm attempting to migrate from a difficult to work with ZWave Controller to zwave-js. I'm having difficulties recovering the security keys.
I'm finding conflicting information across a variety of sources, so I bet this would be a good place to directly ask:

Does the Zwave spec store security keys in NVM?

I see how this could be an issue: if you compromise the chip you then have access to encrypted communication between the controller and the nodes; however, if keys are not stored in NVM, you'll still have access to the nodes unencrypted with random security keys.

I appreciate the information!

[robertsLando]

@AlCalzone has the answer

[AlCalzone]

End devices do, the controller and Z-Wave JS don't.

With the correct hardware it might be possible to pull them from the end device flash, but there may be some flash encryption involved.