HomePhabricator

Zero out wallet master key upon lock

Description

Zero out wallet master key upon lock

Summary:
When an encrypted wallet is locked (for instance via the
RPC walletlock), the docs indicate that the key is
removed from memory. However, the vector (with a secure
allocator) is merely cleared. This allows the key to persist
indefinitely in memory. Instead, manually fill the bytes with
zeroes before clearing.

This is a backport of core#27080

Test Plan: ninja all check-all

Reviewers: #bitcoin_abc, Fabien

Reviewed By: #bitcoin_abc, Fabien

Differential Revision: https://reviews.bitcoinabc.org/D13327

Details

Provenance
John Moffett <john.moff@gmail.com>Authored on Feb 10 2023, 21:13
PiRKCommitted on Mar 14 2023, 13:58
PiRKPushed on Mar 14 2023, 13:58
Reviewer
Restricted Project
Differential Revision
D13327: Zero out wallet master key upon lock
Parents
rABC86c2371f6147: [alias-server] Cache confirmed tx history of registration address
Branches
Unknown
Tags
Unknown