fix: write mnemonic to dead-drop file instead of stderr#22
fix: write mnemonic to dead-drop file instead of stderr#22jim-counter wants to merge 2 commits intomainfrom
Conversation
The recovery phrase was printed to stderr, which agent frameworks capture into the session transcript. Replace with a chmod-000 file at ~/.openclaw/auto-respawn/.last-mnemonic that only the human operator can retrieve. Closes #16 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
Use .mnemonic-<name> instead of a single .last-mnemonic so multiple wallets can be created without collision. Check for a stale dead-drop before creating the wallet keyfile to avoid orphaning a wallet whose mnemonic was never retrieved. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
bugbot run |
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
Comment @cursor review or bugbot run to trigger another review on this PR
| console.error('') | ||
| // Write mnemonic to a dead-drop file (chmod 000) instead of stderr. | ||
| // The agent never sees the phrase — only the file path appears in output. | ||
| const mnemonicPath = await writeMnemonicDeadDrop(name, result.mnemonic) |
There was a problem hiding this comment.
Wallet persisted before mnemonic, risking irrecoverable phrase loss
High Severity
createWallet persists the encrypted keyfile to disk (via encryptAndSave) before writeMnemonicDeadDrop is called. If the dead-drop write fails (disk full, permission error, etc.), the wallet keyfile already exists but the mnemonic is permanently lost — it only lived in process memory. On retry, createWallet rejects with "wallet already exists" and ensureNoStaleMnemonic finds no dead-drop to warn about, leaving the wallet irrecoverable from its mnemonic. The mnemonic dead-drop write needs to succeed before the wallet keyfile is committed to disk, or createWallet needs to be refactored to separate generation from persistence.
Additional Locations (1)
1 participant
Summary
wallet createwith a chmod-000 dead-drop file at~/.openclaw/auto-respawn/.last-mnemonicchmod 600,cat, back up,rmChanges
lib/wallet.ts— addedwriteMnemonicDeadDrop()(write with 0600, then chmod 000), refactored path constantsauto-respawn.ts— replaced stderr mnemonic block with dead-drop call, addedmnemonicPathand security message to JSON outputSKILL.md— updated wallet create docs, local storage section, important notes, and usage examplesTest plan
npm run typecheckpassesnpm run lintpassesnpm testpasses (88 tests)wallet createno longer prints mnemonic to stderr.last-mnemonicfile created with000permissionschmod 600 && catretrieves the phrase correctlyCloses #16
🤖 Generated with Claude Code