diff --git a/proxy/src/scram/exchange.rs b/proxy/src/scram/exchange.rs
index 5a986b965a..802fe61db5 100644
--- a/proxy/src/scram/exchange.rs
+++ b/proxy/src/scram/exchange.rs
@@ -8,7 +8,6 @@ use super::signature::SignatureBuilder;
 use crate::sasl::{self, ChannelBinding, Error as SaslError};
 
 /// The only channel binding mode we currently support.
-#[derive(Debug)]
 struct TlsServerEndPoint;
 
 impl std::fmt::Display for TlsServerEndPoint {
@@ -28,7 +27,6 @@ impl std::str::FromStr for TlsServerEndPoint {
     }
 }
 
-#[derive(Debug)]
 enum ExchangeState {
     /// Waiting for [`ClientFirstMessage`].
     Initial,
@@ -41,7 +39,6 @@ enum ExchangeState {
 }
 
 /// Server's side of SCRAM auth algorithm.
-#[derive(Debug)]
 pub struct Exchange<'a> {
     state: ExchangeState,
     secret: &'a ServerSecret,
diff --git a/proxy/src/scram/key.rs b/proxy/src/scram/key.rs
index 1c13471bc3..73dd5e1d5c 100644
--- a/proxy/src/scram/key.rs
+++ b/proxy/src/scram/key.rs
@@ -6,7 +6,7 @@ pub const SCRAM_KEY_LEN: usize = 32;
 /// One of the keys derived from the [password](super::password::SaltedPassword).
 /// We use the same structure for all keys, i.e.
 /// `ClientKey`, `StoredKey`, and `ServerKey`.
-#[derive(Default, Debug, PartialEq, Eq)]
+#[derive(Default, PartialEq, Eq)]
 #[repr(transparent)]
 pub struct ScramKey {
     bytes: [u8; SCRAM_KEY_LEN],
diff --git a/proxy/src/scram/secret.rs b/proxy/src/scram/secret.rs
index e8d180bcdd..bf935d3510 100644
--- a/proxy/src/scram/secret.rs
+++ b/proxy/src/scram/secret.rs
@@ -5,7 +5,6 @@ use super::key::ScramKey;
 
 /// Server secret is produced from [password](super::password::SaltedPassword)
 /// and is used throughout the authentication process.
-#[derive(Debug)]
 pub struct ServerSecret {
     /// Number of iterations for `PBKDF2` function.
     pub iterations: u32,