Summary
cargo audit flags rand 0.8.5 as unsound (RUSTSEC-2026-0097).
Bumping rand to the patched version (>=0.9.3) is currently blocked by a transitive dependency conflict.
Advisory
Dependency Chain (Why It's Blocked)
rand 0.8.5 enters bdk_wallet through two paths:
Path 1 — transitive (primary blocker):
rand 0.8.5 → secp256k1 0.29.1 → bitcoin 0.32.8 → bdk_wallet
Path 2 — direct dev-dependency:
rand 0.8.5 → bdk_wallet (Cargo.toml dev-dependencies)
Bumping Path 2 (our own Cargo.toml) to rand 0.9.3 fails because:
- rand 0.9.3 requires rand_core 0.9.5
- bdk_wallet's production code uses rand_core 0.6.4
(via secp256k1 0.29.1 → bitcoin 0.32.8)
- rand_core::RngCore from v0.6 and v0.9 are incompatible traits
- coin_select() is bounded on rand_core 0.6 RngCore
- rand 0.9's ThreadRng implements rand_core 0.9 RngCore only
- Result: trait bound not satisfied — does not compile
Verified with:
cargo tree -i rand # shows both entry paths
cargo tree -i rand_core # confirms rand_core 0.6.4 and 0.9.5 coexist
What Unblocks This
The fix becomes possible once bdk_wallet upgrades to:
- secp256k1 >= 0.30.x stable (currently 0.32.0-beta.2)
- bitcoin >= 0.33.x stable (currently 0.33.0-beta)
Both are in beta as of April 2026. Once stable releases land,
this issue can be resolved by:
- Bumping bitcoin + secp256k1 to stable releases using rand_core 0.9
- Bumping rand dev-dependency from ^0.8 to ^0.9.3
- Migrating API call sites:
- thread_rng() → rand::rng()
- gen_range() → random_range()
- gen_bool() → random_bool()
- prelude::SliceRandom → seq::SliceRandom
Severity Note
The vulnerability requires a custom logger that re-enters rand::rng() during ThreadRng reseeding. In bdk_wallet, rand 0.8 is used in test code only (dev-dependency + secp256k1 internals), which limits practical exposure. However the advisory stands and should be resolved when the upstream stack permits.
Summary
cargo audit flags rand 0.8.5 as unsound (RUSTSEC-2026-0097).
Bumping rand to the patched version (>=0.9.3) is currently blocked by a transitive dependency conflict.
Advisory
Dependency Chain (Why It's Blocked)
rand 0.8.5 enters bdk_wallet through two paths:
Path 1 — transitive (primary blocker):
rand 0.8.5 → secp256k1 0.29.1 → bitcoin 0.32.8 → bdk_wallet
Path 2 — direct dev-dependency:
rand 0.8.5 → bdk_wallet (Cargo.toml dev-dependencies)
Bumping Path 2 (our own Cargo.toml) to rand 0.9.3 fails because:
(via secp256k1 0.29.1 → bitcoin 0.32.8)
Verified with:
cargo tree -i rand # shows both entry paths
cargo tree -i rand_core # confirms rand_core 0.6.4 and 0.9.5 coexist
What Unblocks This
The fix becomes possible once bdk_wallet upgrades to:
Both are in beta as of April 2026. Once stable releases land,
this issue can be resolved by:
Severity Note
The vulnerability requires a custom logger that re-enters rand::rng() during ThreadRng reseeding. In bdk_wallet, rand 0.8 is used in test code only (dev-dependency + secp256k1 internals), which limits practical exposure. However the advisory stands and should be resolved when the upstream stack permits.