Seed should neither be Clone nor Copy

It is better to not copy around secret data within our process to
make heartbleed-like attacks harder.
This commit is contained in:
Thomas Eizinger 2021-03-23 16:53:25 +11:00
parent 5860d511c9
commit 73f30320a6
No known key found for this signature in database
GPG Key ID: 651AC83A6C6C8B96
3 changed files with 6 additions and 7 deletions

View File

@ -101,7 +101,7 @@ async fn main() -> Result<()> {
} }
let bitcoin_wallet = let bitcoin_wallet =
init_bitcoin_wallet(electrum_rpc_url, seed, data_dir.clone(), env_config).await?; init_bitcoin_wallet(electrum_rpc_url, &seed, data_dir.clone(), env_config).await?;
let (monero_wallet, _process) = let (monero_wallet, _process) =
init_monero_wallet(data_dir, monero_daemon_host, env_config).await?; init_monero_wallet(data_dir, monero_daemon_host, env_config).await?;
let bitcoin_wallet = Arc::new(bitcoin_wallet); let bitcoin_wallet = Arc::new(bitcoin_wallet);
@ -183,7 +183,7 @@ async fn main() -> Result<()> {
} }
let bitcoin_wallet = let bitcoin_wallet =
init_bitcoin_wallet(electrum_rpc_url, seed, data_dir.clone(), env_config).await?; init_bitcoin_wallet(electrum_rpc_url, &seed, data_dir.clone(), env_config).await?;
let (monero_wallet, _process) = let (monero_wallet, _process) =
init_monero_wallet(data_dir, monero_daemon_host, env_config).await?; init_monero_wallet(data_dir, monero_daemon_host, env_config).await?;
let bitcoin_wallet = Arc::new(bitcoin_wallet); let bitcoin_wallet = Arc::new(bitcoin_wallet);
@ -223,7 +223,7 @@ async fn main() -> Result<()> {
electrum_rpc_url, electrum_rpc_url,
} => { } => {
let bitcoin_wallet = let bitcoin_wallet =
init_bitcoin_wallet(electrum_rpc_url, seed, data_dir, env_config).await?; init_bitcoin_wallet(electrum_rpc_url, &seed, data_dir, env_config).await?;
let resume_state = db.get_state(swap_id)?.try_into_bob()?.into(); let resume_state = db.get_state(swap_id)?.try_into_bob()?.into();
let cancel = let cancel =
@ -248,7 +248,7 @@ async fn main() -> Result<()> {
electrum_rpc_url, electrum_rpc_url,
} => { } => {
let bitcoin_wallet = let bitcoin_wallet =
init_bitcoin_wallet(electrum_rpc_url, seed, data_dir, env_config).await?; init_bitcoin_wallet(electrum_rpc_url, &seed, data_dir, env_config).await?;
let resume_state = db.get_state(swap_id)?.try_into_bob()?.into(); let resume_state = db.get_state(swap_id)?.try_into_bob()?.into();
@ -260,7 +260,7 @@ async fn main() -> Result<()> {
async fn init_bitcoin_wallet( async fn init_bitcoin_wallet(
electrum_rpc_url: Url, electrum_rpc_url: Url,
seed: Seed, seed: &Seed,
data_dir: PathBuf, data_dir: PathBuf,
env_config: Config, env_config: Config,
) -> Result<bitcoin::Wallet> { ) -> Result<bitcoin::Wallet> {

View File

@ -15,7 +15,7 @@ use std::path::{Path, PathBuf};
pub const SEED_LENGTH: usize = 32; pub const SEED_LENGTH: usize = 32;
#[derive(Clone, Copy, Eq, PartialEq)] #[derive(Eq, PartialEq)]
pub struct Seed([u8; SEED_LENGTH]); pub struct Seed([u8; SEED_LENGTH]);
impl Seed { impl Seed {

View File

@ -43,7 +43,6 @@ pub struct StartingBalances {
pub btc: bitcoin::Amount, pub btc: bitcoin::Amount,
} }
#[derive(Clone)]
struct BobParams { struct BobParams {
seed: Seed, seed: Seed,
db_path: PathBuf, db_path: PathBuf,