From 6ddca6aed0f0da4401e7226c8cbad5fdd494f56b Mon Sep 17 00:00:00 2001 From: DanS Date: Mon, 6 Jul 2026 23:30:38 -0500 Subject: [PATCH] fix(security): auto-lock the lite wallet on idle MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit checkAutoLock() called App::lockWallet(), which early-returns without an rpc_ handle — so lite wallets, which have no daemon, never idle-locked and stayed unlocked indefinitely. Route lite through lockLiteWallet() instead, which locks the backend and tears down the chat session so no decrypted store / unlocked DB key survives the idle lock. Full-node builds keep lite_wallet_ null, so the branch is a no-op there and behaviour is unchanged. The idle timer (last_interaction_, reset on ImGui input at the top of App::update()) is already build-agnostic, so no other wiring is needed. Co-Authored-By: Claude Opus 4.8 (1M context) --- src/app_security.cpp | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/app_security.cpp b/src/app_security.cpp index 4c109dd..825b6bb 100644 --- a/src/app_security.cpp +++ b/src/app_security.cpp @@ -612,7 +612,12 @@ void App::checkAutoLock() { float elapsed = std::chrono::duration(now - last_interaction_).count(); if (elapsed >= (float)timeout) { - lockWallet(); + // Lite has no daemon `walletlock` — App::lockWallet() early-returns without rpc_, so route + // lite through lockLiteWallet() (locks the backend + tears down the chat session so no + // decrypted store / unlocked DB key survives the idle lock). In full-node builds + // lite_wallet_ is always null, so this branch is a no-op and behaviour is unchanged. + if (lite_wallet_) lockLiteWallet(); + else lockWallet(); DEBUG_LOGF("[App] Auto-locked wallet after %d seconds idle\n", timeout); } }