Skip to content

Security: Private Keys Can Be Logged#1616

Open
tomaioo wants to merge 1 commit into
genlayerlabs:mainfrom
tomaioo:fix/security/private-keys-can-be-logged
Open

Security: Private Keys Can Be Logged#1616
tomaioo wants to merge 1 commit into
genlayerlabs:mainfrom
tomaioo:fix/security/private-keys-can-be-logged

Conversation

@tomaioo
Copy link
Copy Markdown

@tomaioo tomaioo commented May 4, 2026
edited by coderabbitai Bot
Loading

Summary

Security: Private Keys Can Be Logged

Problem

Severity: High | File: backend/protocol_rpc/message_handler/types.py:L16

The function show_validator_private_keys_in_logs() in message_handler/types.py allows private keys to be logged via the SHOW_VALIDATOR_PRIVATE_KEYS_IN_LOGS environment variable. Even though there's sanitization, enabling this environment variable defeats the purpose of keeping keys secret.

Solution

Remove the SHOW_VALIDATOR_PRIVATE_KEYS_IN_LOGS environment variable option entirely. Private keys should never be logged under any circumstances. The environment variable and related functions should be removed.

Changes

  • backend/protocol_rpc/message_handler/types.py (modified)

Summary by CodeRabbit

Release Notes

  • Bug Fixes
    • Removed the option to expose validator private keys in logs. All private key data is now consistently redacted from logs without exception, enhancing security.

@tomaioo
fix(security): private keys can be logged
d435eb7 
The function show_validator_private_keys_in_logs() in message_handler/types.py allows private keys to be logged via the SHOW_VALIDATOR_PRIVATE_KEYS_IN_LOGS environment variable. Even though there's sanitization, enabling this environment variable defeats the purpose of keeping keys secret.

Signed-off-by: tomaioo <203048277+tomaioo@users.noreply.github.com>
@coderabbitai
Copy link
Copy Markdown
Contributor

coderabbitai Bot commented May 4, 2026
edited
Loading

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 2668aa56-e0a8-456a-a3e0-5871c9923435

📥 Commits

Reviewing files that changed from the base of the PR and between ec2e497 and d435eb7.

📒 Files selected for processing (1)
  • backend/protocol_rpc/message_handler/types.py
💤 Files with no reviewable changes (1)
  • backend/protocol_rpc/message_handler/types.py
📝 Walkthrough

Walkthrough

A security hardening change that removes the SHOW_VALIDATOR_PRIVATE_KEYS_IN_LOGS environment toggle from the message handler types module. The sanitize_log_data function now unconditionally redacts private key fields across all data structures, eliminating the ability to bypass log sanitization.

Changes

Log Sanitization Enforcement

Layer / File(s) Summary
Configuration Removal
backend/protocol_rpc/message_handler/types.py		 The show_validator_private_keys_in_logs() function is removed, eliminating the debug toggle that controlled conditional sanitization.
Core Sanitization Logic
backend/protocol_rpc/message_handler/types.py		 The sanitize_log_data function removes its conditional branch and now always recursively redacts private key fields across dicts, lists, tuples, and objects.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~5 minutes

Poem

A rabbit hops through logs so bright,
But secrets stay tucked out of sight!
No toggles now to peek or peek—
The keys are masked, the vault's secure. 🐰🔐

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name Status Explanation Resolution
Description check ❓ Inconclusive The description identifies the security problem and solution but lacks testing details, review checklist completion, and release notes as specified in the template. Add sections for 'Testing done' with test results, complete the 'Checks' checklist, and include 'User facing release notes' describing the security fix.
✅ Passed checks (4 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly describes the security issue being addressed: the removal of functionality that allowed private keys to be logged.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Tip

💬 Introducing Slack Agent: The best way for teams to turn conversations into code.

Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.

  • Generate code and open pull requests
  • Plan features and break down work
  • Investigate incidents and troubleshoot customer tickets together
  • Automate recurring tasks and respond to alerts with triggers
  • Summarize progress and report instantly

Built for teams:

  • Shared memory across your entire org—no repeating context
  • Per-thread sandboxes to safely plan and execute work
  • Governance built-in—scoped access, auditability, and budget controls

One agent for your entire SDLC. Right inside Slack.

👉 Get started

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share
Review rate limit: 0/1 reviews remaining, refill in 60 minutes.

Comment @coderabbitai help to get the list of available commands and usage tips.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@tomaioo