security: Replace memset with memory_cleanse for sensitive data clearing #34600

pull embetrix wants to merge 1 commits into bitcoin:master from embetrix:feature/secure-erase-keys changing 2 files +8 −5
  1. embetrix commented at 4:10 pm on February 16, 2026: none

    memset calls used to clear sensitive cryptographic material can be optimized away by the compiler as “dead stores” when the buffer is not used afterward (e.g., before return or in destructors).

    Replace with memory_cleanse() which uses memory barriers to prevent this optimization, ensuring secrets are actually cleared from memory.

    Affected locations:

    • key.cpp: Secret key buffer after failed ec_seckey_import_der validation
    • aes.cpp: AES-256 key schedules and IVs in destructors

    This prevents potential key material leakage in memory after use.

    Fix: #31744

  2. security: Replace memset with memory_cleanse for sensitive data clearing
    memset calls used to clear sensitive cryptographic material can be
    optimized away by the compiler as "dead stores" when the buffer is not
    used afterward (e.g., before return or in destructors).
    
    Replace with memory_cleanse() which uses memory barriers to prevent
    this optimization, ensuring secrets are actually cleared from memory.
    
    Affected locations:
    - key.cpp: Secret key buffer after failed ec_seckey_import_der validation
    - aes.cpp: AES-256 key schedules and IVs in destructors
    
    This prevents potential key material leakage in memory after use.
    d61bcc4e6d
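Added example, not part of this pull request or Bitcoin Core's source: a sketch of the barrier technique that the description and commit message above refer to, applied to a failure-path wipe and a destructor wipe. The names `wipe_with_barrier`, `import_secret` and `SecretHolder`, and the toy length-prefixed input format, are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstring>

// Hypothetical helper (not Bitcoin Core's memory_cleanse): zero a buffer in a
// way the optimizer cannot discard as a dead store.
inline void wipe_with_barrier(void* ptr, std::size_t len)
{
#if defined(__GNUC__) || defined(__clang__)
    std::memset(ptr, 0, len);
    // Empty asm taking ptr as input with a "memory" clobber: the compiler must
    // assume the zeroed bytes are read here, so the memset has to be emitted.
    __asm__ __volatile__("" : : "r"(ptr) : "memory");
#else
    // Fallback for other compilers: volatile stores are never elided.
    volatile unsigned char* p = static_cast<volatile unsigned char*>(ptr);
    while (len--) *p++ = 0;
#endif
}

static bool all_zero(const unsigned char* p, std::size_t len)
{
    unsigned char acc = 0;
    for (std::size_t i = 0; i < len; ++i) acc |= p[i];
    return acc == 0;
}

// Constructed toy format (not DER): in[0] is the key length L (1..32), followed
// by exactly L key bytes. The key is copied right-aligned into out32.
bool import_secret(const unsigned char* in, std::size_t len, unsigned char out32[32])
{
    std::memset(out32, 0, 32);
    if (len < 1 || in[0] < 1 || in[0] > 32 || len < 1u + in[0]) return false;
    const std::size_t klen = in[0];
    std::memcpy(out32 + (32 - klen), in + 1, klen);
    // Validation runs after secret bytes already sit in out32.
    const bool ok = (len == 1 + klen) && !all_zero(out32, 32);
    if (!ok) wipe_with_barrier(out32, 32); // failure path leaves no key bytes
    return ok;
}

// Holder whose destructor wipes its secret. A plain memset here is the classic
// dead store, because nothing reads m_key after the destructor returns.
class SecretHolder
{
    unsigned char m_key[32];
public:
    explicit SecretHolder(const unsigned char key[32]) { std::memcpy(m_key, key, 32); }
    ~SecretHolder() { wipe_with_barrier(m_key, sizeof(m_key)); }
    bool empty() const { return all_zero(m_key, 32); }
};
```

To check whether a given optimized build keeps a wipe, look for the zeroing stores in the disassembly of the function or destructor that performs it.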
  3. DrahtBot commented at 4:10 pm on February 16, 2026: contributor

    The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

    Reviews

    See the guideline for information on the review process. A summary of reviews will appear here.

  4. holepoed commented at 4:19 pm on February 16, 2026: none

    Unsubscribe

    On 16 Feb 2026 13:15, DrahtBot @.***> wrote: DrahtBot left a comment (bitcoin/bitcoin#34600)

    The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

    Reviews See the guideline for information on the review process. A summary of reviews will appear here.


  5. fanquake commented at 4:25 pm on February 16, 2026: member
    Dupe of #31774.
  6. fanquake closed this on Feb 16, 2026

  7. embetrix commented at 4:27 pm on February 16, 2026: none
    @fanquake why was it closed? The fix is clearly not a duplicate! Can you elaborate?
  8. sedited commented at 5:10 pm on February 16, 2026: contributor

    the fix is clearly not a duplicate! Can you elaborate?

    From what I can tell it seems to be, yes. If you see something that is missing in #31774, leave a review comment on it.

  9. embetrix commented at 5:14 pm on February 16, 2026: none
    I don’t see it that way! Please check and compare again… #31774 is trying to go beyond the original issue: https://github.com/bitcoin/bitcoin/issues/31744

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-02-17 06:13 UTC
