Skip to content

Prevent unencrypted private keys from being written to wallet.dat #635

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
gavinandresen merged 3 commits into from
Nov 15, 2011
Merged

Prevent unencrypted private keys from being written to wallet.dat #635

gavinandresen merged 3 commits into from
Nov 15, 2011

Conversation

@gavinandresen
Copy link
Contributor

@gavinandresen gavinandresen commented Nov 12, 2011

Unencrypted private keys could remain in the wallet.dat file (and other berkely db database files) after wallet encryption.

This pull request does several things to fix the problem:

  1. Completely rewrites the wallet.dat file upon encryption.

  2. Removes all keys from the keypool so they will not be used for new transactions (they are encrypted and stored in the new wallet, in case any bitcoins are sent to them).

  3. Modifies the database code so temporary database files are cleaned up when bitcoin shuts down

  4. Successful encryption of the wallet is now followed by a shutdown, so old unencrypted private keys that might have been in the database's caches will not be written to the new, encrypted wallet file.

@laanwj
Copy link
Member

laanwj commented Nov 13, 2011

ACK -- only a small issue that can wait:

  • The CreateThread(Shutdown, NULL) in bitcoinrpc.cpp should eventually be replaced with something that is safe with the GUI (just like needs to be done when calling 'stop'), as it will result in a race condition and segmentation fault. But for now, I think the number of users that use RPC to encrypt the wallet while running the UI is exactly zero.

gavinandresen added a commit that referenced this pull request Nov 15, 2011
@gavinandresen
Merge pull request #635 from gavinandresen/encryptionbug
b6d11a3 
Prevent unencrypted private keys from being written to wallet.dat
@gavinandresen gavinandresen merged commit b6d11a3 into bitcoin:master Nov 15, 2011
coblee referenced this pull request in litecoin-project/litecoin Jul 17, 2012
@gavinandresen
Merge pull request #635 from gavinandresen/encryptionbug
eab160c 
Prevent unencrypted private keys from being written to wallet.dat
ptschip pushed a commit to ptschip/bitcoin that referenced this pull request Jun 6, 2017
@gandrewstone
Merge pull request bitcoin#635 from ptschip/release_bitnodes
27bc272 
[Backport to Release PR627] Move bitnodes seeding to be after DNS seeding.
Losangelosgenetics pushed a commit to Losangelosgenetics/bitcoin that referenced this pull request Mar 12, 2020
Removed {. .} (closes bitcoin#635)
587dea3
@bitcoin bitcoin locked as resolved and limited conversation to collaborators Sep 8, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@gavinandresen @laanwj @sipa