Bug Report
types-rs version: 7ef3023
Current behavior:
`Felt` does not implement any zeroizing when it is dropped, opening the door for potential memory read attacks on sensitive information such as private keys.
Expected behavior:
`Felt` should implement `#[derive(ZeroizeOnDrop)]` or similar to allow memory zeroing when dropped. This could be feature-gated.
Given `Felt` is currently based on `lambdaworks-math` `FieldElement`, and this does not implement any zeroing logic, either a manual implementation using `ptr::write_volatile` and `atomic::compiler_fence` or an update to `lambdaworks-math` would be needed. A relevant issue has been opened there as well.
Other information:
While there certainly are more common ways to leak sensitive cryptographic information like private keys, it seems like for something in our control such as in-memory representation we should at least provide this as an option.
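
A sketch of the manual approach the report names (`ptr::write_volatile` followed by `atomic::compiler_fence`), added here as an example; it is not code from types-rs or lambdaworks-math. `SecretFelt`, its four-limb layout and `limbs_after_drop` are hypothetical names and assumptions made for the illustration.

```rust
use std::mem::MaybeUninit;
use std::ptr;
use std::sync::atomic::{compiler_fence, Ordering};

/// Hypothetical stand-in for a field element holding secret material.
/// Assumption: four 64-bit limbs; this is not the real `Felt` layout or API.
/// Deliberately not `Copy`/`Clone`: every copy is another buffer to wipe.
#[repr(transparent)]
pub struct SecretFelt([u64; 4]);

impl SecretFelt {
    pub fn new(limbs: [u64; 4]) -> Self {
        SecretFelt(limbs)
    }

    /// Overwrite every limb with zero.
    pub fn zeroize(&mut self) {
        for limb in self.0.iter_mut() {
            // A volatile store may not be elided as a dead store, even
            // though the value is never read again after drop.
            unsafe { ptr::write_volatile(limb, 0) };
        }
        // Keep the compiler from reordering later memory accesses
        // ahead of the wipe.
        compiler_fence(Ordering::SeqCst);
    }
}

impl Drop for SecretFelt {
    fn drop(&mut self) {
        self.zeroize();
    }
}

/// Drops a value in place and returns what its storage holds afterwards.
pub fn limbs_after_drop(limbs: [u64; 4]) -> [u64; 4] {
    // MaybeUninit never runs Drop itself, so the value is dropped once.
    let mut slot = MaybeUninit::new(SecretFelt::new(limbs));
    unsafe {
        ptr::drop_in_place(slot.as_mut_ptr());
        // repr(transparent) makes this cast to the inner array sound.
        ptr::read_volatile(slot.as_ptr() as *const [u64; 4])
    }
}

fn main() {
    // Constructed sample limbs, not a real key.
    let after = limbs_after_drop([0xdead_beef, 1, 2, 3]);
    println!("storage after drop: {:?}", after);
}
```

The wipe only covers the storage the value occupies when it is dropped; earlier moves and register spills can leave copies elsewhere that this does not reach.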