MerosCrypto / Meros

An instant and feeless cryptocurrency for the future, secured by the Merit Caching Consensus Mechanism.
https://meroscrypto.io

Wallet doesn't zero private keys. #294

Open kayabaNerve opened 3 years ago

kayabaNerve commented 3 years ago

I experimented a bit with this while working with the Wallet RPC; we can clear the HD Wallets, the HTTP request, and have the RPC route take in a password which is then passed by pointer, cleared when it unlocks the wallet. The problem is the password remains in the parsed JSON.

I'm creating an issue instead of fixing this as part of the new RPC as I'm not sure how to handle this comprehensively thanks to the JSON, as well as due to the annoyances involved with it. We may end up with a security model of "the password is there to stop disk theft; not memory theft, though it may help with that". Even if we adopt such a policy, we should still zero when possible (as it would help somewhat, if not most of the way).
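The failure mode described in this issue, as an added C example that is not part of the issue or of the Meros code base: wiping the buffer handed to the unlock routine leaves the secret in the raw request and in the parser's own copy. `json_str`, `parse_password`, `unlock_wallet` and the sample request are hypothetical stand-ins constructed for the illustration.

```c
#include <stdlib.h>
#include <string.h>

/* Wipe through a volatile pointer so the compiler cannot drop the stores. */
static void secure_zero(void *p, size_t n) {
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

/* Hypothetical parsed-JSON string node: the parser owns its own heap copy. */
typedef struct { char *str; size_t len; } json_str;

/* Toy parser (no escapes, no whitespace): copies the "password" value. */
static int parse_password(const char *req, json_str *out) {
    const char *key = "\"password\":\"";
    const char *start = strstr(req, key);
    if (!start) return -1;
    start += strlen(key);
    const char *end = strchr(start, '"');
    if (!end) return -1;
    out->len = (size_t)(end - start);
    out->str = calloc(out->len + 1, 1);   /* zero-filled, so NUL-terminated */
    if (!out->str) return -1;
    memcpy(out->str, start, out->len);
    return 0;
}

/* Hypothetical unlock: receives the password by pointer, wipes it after use. */
static void unlock_wallet(char *pw, size_t len) {
    secure_zero(pw, len);
}

/* Bitmask of buffers still holding the secret afterwards:
   1 = raw request, 2 = parsed JSON node, 4 = buffer passed to unlock. */
int leftover_copies(int wipe_all) {
    char req[] = "{\"password\":\"constructed-pw\"}"; /* constructed sample */
    const char *secret = "constructed-pw";
    json_str node; char work[32];
    if (parse_password(req, &node) != 0) return -1;
    if (node.len >= sizeof work) { free(node.str); return -1; }
    memcpy(work, node.str, node.len + 1);
    unlock_wallet(work, node.len);
    if (wipe_all) { secure_zero(node.str, node.len); secure_zero(req, sizeof req); }
    int mask = (strstr(req, secret) ? 1 : 0) | (strstr(node.str, secret) ? 2 : 0)
             | (strstr(work, secret) ? 4 : 0);
    free(node.str);
    return mask;
}

int main(void) { return leftover_copies(1); }
```

With `wipe_all` set to 0 the result is 3 (request and parsed node still hold the secret); wiping the parser's copy requires access to its internal buffer, which is the part a JSON library may not expose.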