HN Showcase
Back to browse
GitHub Repository

Secure memory management for the paranoid.

6 starsRust

Shrouded, secure memory management in Rust

by mhluongo·Mar 23, 2026·5 points·0 comments
Visit ProjectView on HN

AI Analysis

●●SolidNiche GemWizardry

Memory protection crate with guard pages and zeroization, like memsec but with secrecy-style ergonomics.

Strengths
  • Combines mlock, guard pages, core dump exclusion, and zeroization in one crate
  • secrecy-style .expose() API with explicit operations (no automatic Clone/Display)
  • Platform-specific protection with graceful degradation
Weaknesses
  • Only 2 stars means minimal real-world battle testing
  • Niche audience limits adoption potential
Category
Security
Target Audience

Rust developers building password managers, crypto wallets, or credential handlers

Similar To

memsec · secrecy

Post Description

Hi HN!

I've been building a project that handles high-value credentials in-process, and I wanted something more robust than just zeroizing on drop. A comment on a recent Show HN[0] made me realize that awareness of lower-level memory protection techniques might not be as widespread as I thought.

The idea here is to pull out all the tools in one crate, with a relatively simple API. * mlock/VirtualLock to prevent sensitive memory from being swapped (eg the KeePass dump) * Core dump exclusion using MADV_DONTDUMP on Linux & Android * mprotect to minimize exposure over time * Guard pages to mitigate under/overflows

After some battle testing, the goal here is to provide a more secure memory foundation for things like password managers and cryptocurrency wallets.

This was a fun project, and I learned a lot - would love any feedback!

[0] - https://news.ycombinator.com/item?id=47073430

Similar Projects