From c299e9a2d2a2ef88d3840f00d37660283c9927ab Mon Sep 17 00:00:00 2001
From: Claude <noreply@anthropic.com>
Date: Wed, 25 Mar 2026 22:43:15 +0000
Subject: [PATCH] [fix](trx-server): truncate raw JSON in error logs to 128
 chars

Prevent potential information disclosure by truncating raw client input
in log messages instead of logging the full payload.

https://claude.ai/code/session_01XzurkeuUmamBuhQwxVy7T4
Signed-off-by: Claude <noreply@anthropic.com>
---
 src/trx-server/src/listener.rs | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/trx-server/src/listener.rs b/src/trx-server/src/listener.rs
index 900654c..1e4134c 100644
--- a/src/trx-server/src/listener.rs
+++ b/src/trx-server/src/listener.rs
@@ -201,7 +201,13 @@ async fn handle_client(
         let envelope = match parse_envelope(trimmed) {
             Ok(envelope) => envelope,
             Err(e) => {
-                error!("Invalid JSON from {}: {} / {:?}", addr, trimmed, e);
+                // Truncate raw input in logs to prevent information disclosure.
+                let preview = if trimmed.len() > 128 {
+                    format!("{}...", &trimmed[..128])
+                } else {
+                    trimmed.to_string()
+                };
+                error!("Invalid JSON from {}: {} / {:?}", addr, preview, e);
                 let resp = ClientResponse {
                     success: false,
                     rig_id: None,