diff --git a/chanbackup/crypto.go b/chanbackup/crypto.go
index 8fdb46f68..fa7d862ca 100644
--- a/chanbackup/crypto.go
+++ b/chanbackup/crypto.go
@@ -15,15 +15,15 @@ import (
 // TODO(roasbeef): interface in front of?
 
 // baseEncryptionKeyLoc is the KeyLocator that we'll use to derive the base
-// encryption key used for encrypting all static channel backups. We use this
-// to then derive the actual key that we'll use for encryption. We do this
+// encryption key used for encrypting all payloads. We use this to then
+// derive the actual key that we'll use for encryption. We do this
 // rather than using the raw key, as we assume that we can't obtain the raw
 // keys, and we don't want to require that the HSM know our target cipher for
 // encryption.
 //
 // TODO(roasbeef): possibly unique encrypt?
 var baseEncryptionKeyLoc = keychain.KeyLocator{
-	Family: keychain.KeyFamilyStaticBackup,
+	Family: keychain.KeyFamilyBaseEncryption,
 	Index: 0,
 }
 
diff --git a/chanbackup/single.go b/chanbackup/single.go
index 6aee903b7..f0c3a6f83 100644
--- a/chanbackup/single.go
+++ b/chanbackup/single.go
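Review bot: The same base key locator (family 7, index 0) now serves every payload type rather than only static channel backups, so the symmetric key derived from it is shared across unrelated blobs, and with the AEAD construction described in single.go the nonce must then be unique across all of those consumers rather than merely within one; either the comment should record that invariant or the derivation should be split per purpose (a distinct `Index` per payload type, or a purpose string folded into the sha256 step mentioned in single.go). Nonce generation is outside this hunk, so I cannot tell whether every consumer draws fresh random nonces from the same source. At minimum I would add, next to the existing `TODO(roasbeef): possibly unique encrypt?`, the line `// NOTE: every payload type encrypted under this key shares it, so each consumer must use an independent, never-reused nonce.` The same broadened scope is documented in the `KeyFamilyBaseEncryption` comment in keychain/derivation.go.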
@@ -333,10 +333,10 @@ func (s *Single) Serialize(w io.Writer) error {
 // global counter to use as a sequence number for nonces, and want to ensure
 // that we're able to decrypt these blobs without any additional context. We
 // derive the key that we use for encryption via a SHA2 operation of the with
-// the golden keychain.KeyFamilyStaticBackup base encryption key. We then take
-// the serialized resulting shared secret point, and hash it using sha256 to
-// obtain the key that we'll use for encryption. When using the AEAD, we pass
-// the nonce as associated data such that we'll be able to package the two
+// the golden keychain.KeyFamilyBaseEncryption base encryption key. We then
+// take the serialized resulting shared secret point, and hash it using sha256
+// to obtain the key that we'll use for encryption. When using the AEAD, we
+// pass the nonce as associated data such that we'll be able to package the two
 // together for storage. Before writing out the encrypted payload, we prepend
 // the nonce to the final blob.
 func (s *Single) PackToWriter(w io.Writer, keyRing keychain.KeyRing) error {
diff --git a/keychain/derivation.go b/keychain/derivation.go
index 2dea6047b..21996c650 100644
--- a/keychain/derivation.go
+++ b/keychain/derivation.go
@@ -102,12 +102,11 @@ const (
 	// p2p level (BOLT-0008).
 	KeyFamilyNodeKey KeyFamily = 6
 
-	// KeyFamilyStaticBackup is the family of keys that will be used to
-	// derive keys that we use to encrypt and decrypt our set of static
-	// backups. These backups may either be stored within watch towers for
-	// a payment, or self stored on disk in a single file containing all
-	// the static channel backups.
-	KeyFamilyStaticBackup KeyFamily = 7
+	// KeyFamilyBaseEncryption is the family of keys that will be used to
+	// derive keys that we use to encrypt and decrypt any general blob data
+	// like static channel backups and the TLS private key. Often used when
+	// encrypting files on disk.
+	KeyFamilyBaseEncryption KeyFamily = 7
 
 	// KeyFamilyTowerSession is the family of keys that will be used to
 	// derive session keys when negotiating sessions with watchtowers. The
@@ -133,7 +132,7 @@ var VersionZeroKeyFamilies = []KeyFamily{
 	KeyFamilyDelayBase,
 	KeyFamilyRevocationRoot,
 	KeyFamilyNodeKey,
-	KeyFamilyStaticBackup,
+	KeyFamilyBaseEncryption,
 	KeyFamilyTowerSession,
 	KeyFamilyTowerID,
 }
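Review bot: The doc comment for `KeyFamilyBaseEncryption` should state that its numeric value 7 is load-bearing: static channel backups already written were encrypted with keys derived from this family (see `baseEncryptionKeyLoc` in chanbackup/crypto.go), so a later renumbering would leave them undecryptable, and the rename makes that history less obvious than the old name did. A line such as `// The value 7 must never change: existing static channel backups derive their encryption key from it.` would prevent that. The enclosing `const (` block starts before this hunk, and the `VersionZeroKeyFamilies` change in the following hunk is a pure identifier update that needs no separate note.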