Author

Topic: Does Armory ever expose unencrypted private keys to memory or hard drive? (Read 577 times)

pf
full member
Activity: 176
Merit: 105
All crypto sensitive material goes through SecureBinaryData objects, which is C++ code, with it's memory explicitly mlock'd. That code is made available to Python through SWIG, but the actual memory is managed by code in the C++ shared library.
Thanks, you guys really know what you're doing! I'm feeling better already. Smiley
legendary
Activity: 3738
Merit: 1360
Armory Developer
All crypto sensitive material goes through SecureBinaryData objects, which is C++ code, with it's memory explicitly mlock'd. That code is made available to Python through SWIG, but the actual memory is managed by code in the C++ shared library.
pf
full member
Activity: 176
Merit: 105
It does unlock private keys into RAM when signing, and yes the RAM is mlock'd.

Can python be trusted to mlock properly, given how high level it is - as opposed to C/C++ which is closer to the hardware (Bitcoin Core).
legendary
Activity: 3738
Merit: 1360
Armory Developer
It does unlock private keys into RAM when signing, and yes the RAM is mlock'd.

If you create an unencrypted wallet or remove encryption from a wallet, private keys will hit your permanent storage.
pf
full member
Activity: 176
Merit: 105
(First of all, sorry about spamming this forum today. I just have a lot of questions. I'll make this my last thread today.)

Does Armory ever, under any circumstances, write out unencrypted private keys to memory or the hard drive, and if it does write it out to memory, does it use something like mlock() to guarantee that it will never be written to swap?
Jump to: