We strongly suggest that you do not use any entity/staking account that is generated with the file-based signer on the Mainnet.
In case you need to use the file-based signer, make sure you only use it on an offline/air-gapped machine. Gaining access to your entity's/staking account's private key can compromise your tokens.
You can hold your ROSE tokens via a private key stored in a file.
This option is only supported via our Oasis Node CLI tool. To set it up, follow the Oasis Node documentation: