Zero out wallet master key upon lock

When an encrypted wallet is locked (for instance via the RPC `walletlock`), the docs indicate that the key is removed from memory. However, the vector (with a secure allocator) is merely cleared. This allows the key to persist indefinitely in memory. Instead, manually fill the bytes with zeroes before clearing. Github-Pull: #27080 Rebased-From: 3a11adc
bitcoin · Feb 20, 2023 · 64e7db6 · 64e7db6
1 parent b7e242e
commit 64e7db6
Showing 1 changed file with 5 additions and 1 deletion.
diff --git a/src/wallet/wallet.cpp b/src/wallet/wallet.cpp
@@ -25,6 +25,7 @@
 #include <script/descriptor.h>
 #include <script/script.h>
 #include <script/signingprovider.h>
+#include <support/cleanse.h>
 #include <txmempool.h>
 #include <util/bip32.h>
 #include <util/check.h>
@@ -3293,7 +3294,10 @@ bool CWallet::Lock()
 
     {
         LOCK(cs_wallet);
-        vMasterKey.clear();
+        if (!vMasterKey.empty()) {
+            memory_cleanse(vMasterKey.data(), vMasterKey.size() * sizeof(decltype(vMasterKey)::value_type));
+            vMasterKey.clear();
+        }
     }
 
     NotifyStatusChanged(this);