It is nice when we can zero out memory after it is used, especially in a security library when keys (etc.) are in RAM. I believe Apple did this by default for the C free() function a year ago: iOS 16.1 Release Notes - Memory Allocation.
With GC-moveable memory values like string most of the zeroing operations become ineffective. Perhaps adding the string as a GC root might make it immovable; regardless, it would be good to document a warning for security keys so people are aware. (If I’m understanding the implications of the switch away from cstruct correctly; someone correct me if I’m wrong)