#clear #memory #secret #secure #wipe

no-std secrecy

Wrapper types and traits for secret management which help ensure they aren’t accidentally copied, logged, or otherwise exposed (as much as possible), and also ensure secrets are securely wiped from memory when dropped

15 releases (8 breaking)

new 0.8.0 Jul 18, 2021
0.7.0 Jul 8, 2020
0.6.0 Dec 12, 2019
0.5.1 Nov 30, 2019
0.0.0 Oct 4, 2018

#34 in Cryptography

Download history 17251/week @ 2021-04-03 16305/week @ 2021-04-10 15599/week @ 2021-04-17 15357/week @ 2021-04-24 16014/week @ 2021-05-01 16053/week @ 2021-05-08 16289/week @ 2021-05-15 17914/week @ 2021-05-22 17054/week @ 2021-05-29 19622/week @ 2021-06-05 19625/week @ 2021-06-12 18531/week @ 2021-06-19 19215/week @ 2021-06-26 20737/week @ 2021-07-03 19753/week @ 2021-07-10 17664/week @ 2021-07-17

76,333 downloads per month
Used in 468 crates (36 directly)

Apache-2.0 OR MIT

537 lines

secrecy.rs 🤐 iqlusion

Crate Docs Apache 2.0/MIT Licensed MSRV Safety Dance Build Status

A simple secret-keeping library for Rust.



secrecy is a simple, safe (i.e. forbid(unsafe_code) library which provides wrapper types and traits for secret management in Rust, namely the Secret<T> type for wrapping another value in a "secret cell" which attempts to limit exposure (only available through a special ExposeSecret trait).

This helps to ensure secrets aren't accidentally copied, logged, or otherwise exposed (as much as possible), and also ensures secrets are securely wiped from memory when dropped.

Minimum Supported Rust Version

Rust 1.51 or newer.

In the future, we reserve the right to change MSRV (i.e. MSRV is out-of-scope for this crate's SemVer guarantees), however when we do it will be accompanied by a minor version bump.

serde support

Optional serde support for parsing owned secret values is available, gated under the serde cargo feature.

It uses the Deserialize and DeserializeOwned traits to implement deserializing secret types which also impl these traits.

This doesn't guarantee serde (or code providing input to serde) won't accidentally make additional copies of the secret, but does the best it can with what it is given and tries to minimize risk of exposure as much as possible.


Copyright © 2019-2021 iqlusion

secrecy is distributed under the terms of either the MIT license or the Apache License (Version 2.0), at your option.

See LICENSE (Apache License, Version 2.0) file in the iqlusioninc/crates toplevel directory of this repository or LICENSE-MIT for details.


Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you shall be dual licensed as above, without any additional terms or conditions.