Bitcoin Forum

Just wondering about the wallet encryption and persistence when bitcoin-qt is started without a wallet (as in a new installation).

What I am wondering is whether "wallet.dat" gets persisted (with exclusive file access locking) with the private keys unencrypted before you actually enter the passphrase to encrypt or is the wallet information just held in memory until you shutdown the client?

Answered here:
"Bitcoin 0.5 will flush the key pool upon encryption. This means that when you encrypt a fresh wallet, none of its active reserve keys will ever have touched the disk in unencrypted form."
 - http://bitcoin.stackexchange.com/a/2016/153

Great - thanks for that (I assumed it should be the case but is much better to get some confirmation). :)

Note, that is the keypool of unused keys for future use; any address shown to you in the interface or that has received coins as change is kept when the new encrypted wallet is created, and those private keys may still be floating around on disk sectors and deleted files.

The OP's question had to do with new wallets (with no coins yet).  

But for a used wallet then you are correct.  When you encrypt a wallet, all the unused keys become marked as used so those aren't a concern.  For addresses that are used, however (e.g., received and not spent, or used for receiving change) then the release notes for bitcoin-qt v0.5.0 specify the solution to that:

  Send all of your bitcoins to yourself using a new bitcoin address.   Don't re-use any addresses generated before wallet encryption was enabled.

 - http://bitcoin.org/releases/2011/11/21/v0.5.0.html