R3E Network has published a new version of NeoRust, a substantial maintenance release focused on code quality, security and developer experience.
First launched in 2021, NeoRust is a Rust SDK that helps developers build on Neo N3 using a high-performance API with unified error handling. The project received GrantShares funding in 2023 and includes tools for cryptography, wallet management (BIP-39/44 HD wallets, multi-sig and hardware wallet support) and RPC-based node interaction. It also supports smart contract deployment and invocation, NEP-17 token operations, WebSocket-based event monitoring, transaction simulation for cost estimation, and network configuration for MainNet, TestNet, and custom networks.
Key improvements in v1.0.3
NeoRust v1.0.3, released on February 7, follows a ten-round code review and refactoring that addresses error handling patterns, memory security, performance optimizations, and platform-specific functionality. The release is compatible with Neo-CLI v3.9.1, allowing developers to take advantage of the latest Neo blockchain features including contract fee whitelisting, a native Treasury contract, and improved accuracy of execution fee factors introduced in the January 2026 Neo v3.9 update.
Error handling improvements
Descriptive error messages: The release replaces more than 40 .unwrap() calls along .expect() with descriptive error messages, improving the developer experience when debugging issues. Instead of encountering generic panic messages, developers now receive contextual information about what went wrong and where.
Code cleanup: Removing dead code eliminates unused fields, imports, and commented code across the codebase, reducing maintenance burden and improving code readability for contributors and users examining the SDK source.
Performance optimizations
Memory allocation efficiency: Nine vector allocations are optimized with Vec::with_capacity() pre-allocation, which reduces unnecessary memory reallocations during runtime operations. The release also removes four unnecessary ones .clone() operations, eliminating redundant memory copies that could impact performance in high-throughput scenarios.
Border Control: Added debug_assert! Buffer bound declarations in hot-path decoder methods provide additional security guarantees during development and testing without impacting the performance of the release build.
Documentation improvements
Full module coverage: The release adds extensive documentation to previously undocumented modules, achieving 100% documentation coverage serde_with_utils And contract_manifest modules. All serde serialization helpers now include use cases.
Memory layout documentation: Detailed documentation for the StackItem enum explains variant sizes and boxing considerations, helping developers understand memory usage patterns when working with Neo virtual machine stack items.
Zero-copy access methods: New as_array_ref() And as_map_entries() methods StackItem provide efficient zero-copy access to array and map data without unnecessary allocations.
Version consistency: Documentation version mismatches have been resolved, updating references from v1.0.1 to v1.0.3 lib.rs And neo_types/mod.rs in four locations, with historical references retained where necessary.
Security improvements
NeoRust v1.0.3 introduces multiple security improvements aimed at protecting sensitive cryptographic material in memory:
Memory zero setting: Zeroize And ZeroizeOnDrop properties were implemented KeyPair to securely erase private key bytes from memory when the key pair is deleted. Amended Drop implementations for Account And NEP6Account Now ensure that encrypted private key strings are reset to zero, which prevents sensitive data from persisting in memory after use.
Input Validation: Added input validation assertions have been included to prevent buffer underflows in debug builds, helping to catch potential security issues during development before they reach production.
Dependency Protection: jsonwebtoken has been upgraded from version 9.2.0 to 10.3.0 with the rust_crypto function, eliminating the process level CryptoProvider requirement and modernization of the cryptographic implementation.
Platform-specific solutions
The release also resolves platform-specific issues affecting credential storage on macOS and Windows:
macOS Keychain Integration: neo-cli Fixed macOS Keychain integration by replacing non-existent standalone function calls (passwords::set_generic_password, get_generic_password, delete_generic_password) with the correct one SecKeychain method API of security-framework 2.11. This ensures that the Neo wallet credentials can be properly stored and retrieved using the native macOS keychain.
Windows Reference Store: A compile-time borrow after move error (E0382) has been resolved in the Windows Reference Store by reordering operations in store_windows_credentialwhere the loan is before the HashMap::insert move operation. This fix ensures that Windows users can properly store wallet information in the native Windows Credential Manager.
Code quality improvements
DRY principle application: A neo_config_lock() helper function config.rs was extracted to eliminate four identical lock-plus-poison recovery blocks api_trait.rsthus improving code maintainability and reducing duplication.
Clippy overrides documented: Inline justification comments have been added to all comments #![allow(clippy::...)] oppressions src/lib.rsdocumenting why specific linter warnings were intentionally disabled and ensuring these decisions remain visible to future contributors.
API cleanup: one dead nns field of RpcClient has been removed and unused macros have been cleaned up, streamlining the public API surface and reducing confusion about which features are actively supported.
Platform support and availability
NeoRust v1.0.3 provides pre-built binaries for multiple platforms:
- Linux:
neorust-linux-amd64.tar.gz - macOS:
neorust-macos-amd64.tar.gz - Windows:
neorust-windows-amd64.zip
These binaries allow developers to use NeoRust’s CLI tooling without the need for a full Rust development environment.
Shortly after the release of v1.0.3, the team published v1.0.4 to address CI configuration and security audit settings so that all automated checks run gracefully and known dependency advisories are properly documented without available upstream solutions.
Compatibility
NeoRust v1.0.3 is compatible with Neo v3.9.1 and later, allowing developers to build applications that take advantage of the latest Neo N3 protocol features. Developers using NeoRust should update to this version to take advantage of improved error handling, improved security for cryptographic operations, and platform-specific fixes for credential storage on macOS and Windows.
You can download the latest version of NeoRust via the link below:
https://crates.io/crates/neo3