Go Proposal: Secret Mode

Summary

Part of the Accepted! series, explaining the upcoming Go changes in simple terms.Automatically erase used memory to prevent secret leaks.Ver. 1.26 • Stdlib • Low impactSummaryThe new runtime/secret package lets you run a function in secret mode. After the function finishes, it immediately erases (zeroes out) the registers and stack it used. Heap allocations made by the function are erased as soon as the garbage collector decides they are no longer reachable.secret.Do(func() { // Generate a session key and // use it to encrypt the data. }) This helps make sure sensitive information doesn't stay in memory longer than needed, lowering the risk of attackers getting to it.The package is experimental and is mainly for developers of cryptographic libraries, not for application developers.MotivationCryptographic protocols like WireGuard or TLS have a property called "forward secrecy". This means that even if an attacker gains access to long-term secrets (like a private key in TLS), they shouldn't be able to decrypt past communication sessions. To make this work, session keys (used to encrypt and decrypt data during a specific communication session) need to be erased from memory after they're used. If there's no reliable way to clear this memory, the keys could stay there indefinitely, which would break forward secrecy.In Go, the runtime manages memory, and it doesn't guarantee when or how memory is cleared. Sensitive data might remain in heap allocations or stack frames, potentially exposed in core dumps or through memory attacks. Developers often have to use unreliable "hacks" with reflection to try to zero out internal buffers in cryptographic libraries. Even so, some data might still stay in memory where the developer can't reach or control it.The solution is to provide a runtime mechanism that automatically erases all temporary storage used during sensitive operations. This will make it easier for library developers to write secure code without using workarounds.Descrip...