Skip to content

Better wallet unlock error handling#641

Open
nullcopy wants to merge 2 commits into
mainfrom
fix/clear-cached-age-ids
Open

Better wallet unlock error handling#641
nullcopy wants to merge 2 commits into
mainfrom
fix/clear-cached-age-ids

Conversation

@nullcopy

@nullcopy nullcopy commented Jul 17, 2026

Copy link
Copy Markdown
Contributor

Supersedes #467
COR-1594

nullcopy and others added 2 commits July 17, 2026 22:03
`age` pulls in `x25519-dalek` with only the `static_secrets` feature, so the
`StaticSecret` inside each native age identity was not overwritten in memory
when cached identities were dropped during `walletlock` or auto-relock.

Depend on `x25519-dalek` directly with the `zeroize` feature so cargo feature
unification enables zeroize-on-drop for the single copy in the graph. With this
in place, the existing `Vec::clear()` on the identity cache is sufficient to
wipe the secrets; no manual clearing is required.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…ck deadline

`KeyStore::unlock` computes an absolute re-lock deadline as
`SystemTime::now() + Duration::from_secs(timeout)`, which panics with "overflow
when adding duration to SystemTime" for large caller-supplied `timeout` values.

Validate `timeout` in the `walletpassphrase` RPC handler and return an
`InvalidParameter` error for values that would overflow, so the caller learns to
pick a smaller value instead of triggering an internal error. The requested
timeout is otherwise honored exactly and remains uncapped.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@nullcopy
nullcopy force-pushed the fix/clear-cached-age-ids branch from 88885a6 to 7ea5c71 Compare July 18, 2026 03:04
@nullcopy
nullcopy requested a review from nuttycom July 18, 2026 03:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant