wallet: clean old key material before overwriting in SetKey #35056

pull flawlesscode254 wants to merge 1 commits into bitcoin:master from flawlesscode254:fix/clean-key-before-overwrite changing 2 files +16 −0

flawlesscode254 commented at 3:44 AM on April 12, 2026: none

When CCrypter::SetKey() is called on an instance that already has a key set (fKeySet=true), the old key and IV are overwritten without being cleansed first. This can leave sensitive key material in memory longer than necessary.

This fix adds a call to CleanKey() before overwriting the key when fKeySet is already true, ensuring old key material is securely wiped before new key data is written

wallet: clean old key material before overwriting in SetKey

When CCrypter::SetKey() is called on an instance that already has a key
set (fKeySet=true), the old key and IV are overwritten without being
cleansed first. This can leave sensitive key material in memory longer
than necessary.

This fix adds a call to CleanKey() before overwriting the key when
fKeySet is already true, ensuring old key material is securely wiped
before new key data is written.

Add a test case to verify the behavior works correctly.

2244b82cdc

DrahtBot added the label Wallet on Apr 12, 2026
DrahtBot commented at 3:44 AM on April 12, 2026: contributor



The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.



Reviews

See the guideline for information on the review process. A summary of reviews will appear here.
flawlesscode254 closed this on Apr 12, 2026

Contributors

flawlesscode254

DrahtBot

Labels

Wallet

wallet: clean old key material before overwriting in SetKey #35056

Reviews