Zeroize proof builder secrets on drop

core/Cargo.toml

@@ -27,6 +27,7 @@ siphasher = "0.2"
 uuid = { version = "0.6", features = ["serde", "v4"] }
 log = "0.4"
 chrono = { version = "0.4.4", features = ["serde"] }
+zeroize = "0.8"
 
 grin_keychain = { path = "../keychain", version = "1.1.0-beta.2" }
 grin_util = { path = "../util", version = "1.1.0-beta.2" }

core/src/lib.rs

@@ -36,6 +36,7 @@ extern crate log;
 use failure;
 #[macro_use]
 extern crate failure_derive;
+extern crate zeroize;
 #[macro_use]
 pub mod macros;
 

core/src/libtx/proof.rs

@@ -21,6 +21,7 @@ use crate::libtx::error::{Error, ErrorKind};
 use crate::util::secp::key::SecretKey;
 use crate::util::secp::pedersen::{Commitment, ProofMessage, RangeProof};
 use crate::util::secp::{self, Secp256k1};
+use crate::zeroize::Zeroize;
 use std::convert::TryFrom;
 
 /// Create a bulletproof
@@ -234,6 +235,25 @@ where
 	}
 }
 
+impl<'a, K> Zeroize for ProofBuilder<'a, K>
+where
+	K: Keychain,
+{
+	fn zeroize(&mut self) {
+		self.rewind_hash.zeroize();
+		self.private_hash.zeroize();
+	}
+}
+
+impl<'a, K> Drop for ProofBuilder<'a, K>
+where
+	K: Keychain,
+{
+	fn drop(&mut self) {
+		self.zeroize();
+	}
+}
+
 /// The legacy proof builder, used before the first hard fork
 pub struct LegacyProofBuilder<'a, K>
 where
@@ -325,6 +345,24 @@ where
 	}
 }
 
+impl<'a, K> Zeroize for LegacyProofBuilder<'a, K>
+where
+	K: Keychain,
+{
+	fn zeroize(&mut self) {
+		self.root_hash.zeroize();
+	}
+}
+
+impl<'a, K> Drop for LegacyProofBuilder<'a, K>
+where
+	K: Keychain,
+{
+	fn drop(&mut self) {
+		self.zeroize();
+	}
+}
+
 impl ProofBuild for ViewKey {
 	fn rewind_nonce(&self, secp: &Secp256k1, commit: &Commitment) -> Result<SecretKey, Error> {
 		let res = blake2b(32, &commit.0, &self.rewind_hash);