Skip to content

refactor(key-wallet): derive Zeroize on WalletType and wipe on drop #780

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
xdustinface merged 1 commit into from
May 20, 2026
Merged

refactor(key-wallet): derive Zeroize on WalletType and wipe on drop #780

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
43 changes: 7 additions & 36 deletions key-wallet/src/wallet/mod.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ use serde::{Deserialize, Serialize};
use zeroize::Zeroize;

/// Type of wallet based on how it was created
#[derive(Debug, Clone)]
#[derive(Debug, Clone, Zeroize)]
#[cfg_attr(feature = "serde", derive(Serialize, Deserialize))]
#[cfg_attr(feature = "bincode", derive(Encode, Decode))]
pub enum WalletType {
Expand Down Expand Up @@ -152,42 +152,13 @@ impl fmt::Display for Wallet {
// Manual implementation of Zeroize for Wallet
impl Zeroize for Wallet {
fn zeroize(&mut self) {
// Zeroize the wallet ID
self.wallet_id.zeroize();

// Zeroize the wallet type - handle each variant's sensitive data
match &mut self.wallet_type {
WalletType::Mnemonic {
mnemonic,
root_extended_private_key,
} => {
// Zeroize the mnemonic (now possible since it implements Zeroize)
mnemonic.zeroize();
// We can't zeroize SecretKey directly, but we can zeroize the chain code
root_extended_private_key.zeroize();
// Note: root_extended_private_key.root_private_key (SecretKey) doesn't implement Zeroize
}
WalletType::Seed {
seed,
root_extended_private_key,
} => {
// We can't zeroize Seed directly as it doesn't implement Zeroize yet
// But we can zeroize the RootExtendedPrivKey
root_extended_private_key.zeroize();
seed.zeroize();
}
WalletType::ExtendedPrivKey(root_extended_private_key) => {
// Zeroize the chain code
root_extended_private_key.zeroize();
// Note: root_private_key (SecretKey) doesn't implement Zeroize
}
WalletType::ExternalSignable | WalletType::WatchOnly => {
// Unit variants carry no key material; nothing sensitive to zeroize.
}
}
self.wallet_type.zeroize();
}
}

// Clear the accounts map, only public keys here so no need to go hardcore on zeroization
self.accounts.clear();
impl Drop for Wallet {
fn drop(&mut self) {
self.zeroize();
}
}

Expand Down
9 changes: 8 additions & 1 deletion key-wallet/src/wallet/root_extended_keys.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ use dashcore_hashes::{sha512, Hash, HashEngine, Hmac, HmacEngine};
use secp256k1::Secp256k1;
#[cfg(feature = "serde")]
use serde::{Deserialize, Serialize};
use zeroize::Zeroize;

#[derive(Debug, Clone)]
#[cfg_attr(feature = "serde", derive(Serialize, Deserialize))]
Expand All @@ -21,13 +22,19 @@ pub struct RootExtendedPrivKey {
pub root_chain_code: ChainCode,
}

impl zeroize::Zeroize for RootExtendedPrivKey {
impl Zeroize for RootExtendedPrivKey {
fn zeroize(&mut self) {
self.root_private_key.non_secure_erase();
self.root_chain_code.zeroize();
}
}

impl Drop for RootExtendedPrivKey {
fn drop(&mut self) {
self.zeroize();
}
}

impl RootExtendedPrivKey {
/// Create a new RootExtendedPrivKey
pub fn new(root_private_key: secp256k1::SecretKey, root_chain_code: ChainCode) -> Self {
Expand Down
Loading