🚨 Shai-Hulud Strikes Again:834 Packages Compromised.Technical Analysis →
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@0xsequence/google-kms-signer

Package Overview
Dependencies
Maintainers
0
Versions
4
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@0xsequence/google-kms-signer

an ethers.js- and sequence.js-compatible signer using Google Cloud Key Management Service keys

latest
npmnpm
Version
0.3.0
Version published
Maintainers
0
Created
Source

google-kms-signer

GoogleKmsSigner is an ethers.js- and sequence.js-compatible signer using Google Cloud Key Management Service keys

prerequisites

create google cloud kms key

https://console.cloud.google.com/security/kms/keyrings

  • create project or use existing one
  • create key ring or use existing one
  • create key
  • protection level: hsm
  • key material: hsm-generated
  • purpose: asymmetric sign
  • algorithm: elliptic curve secp256k1 - sha256 digest

set up application default credentials

https://cloud.google.com/kms/docs/reference/libraries#authentication

  • install gcloud cli
  • gcloud auth application-default login
  • authenticate

installation

these instructions assume pnpm, please refer to docs if you use something else

pnpm add @0xsequence/google-kms-signer

usage

integration

create a signer:

import { GoogleKmsSigner } from '@0xsequence/google-kms-signer'

const signer = new GoogleKmsSigner({
  project: 'my-project',
  location: 'my-location',
  keyRing: 'my-key-ring',
  cryptoKey: 'my-crypto-key',
  cryptoKeyVersion: 'my-crypto-key-version'
})

get your signer's address:

const address = await signer.getAddress()
console.log(address)

sign a message:

const message = 'hello world'
const signature = await signer.signMessage(message)

console.log(signature)
console.log(`${ethers.utils.verifyMessage(message, signature)} = ${address}`)

send a transaction:

const provider = new ethers.providers.JsonRpcProvider('https://my-json-rpc-provider.com')
const connectedSigner = signer.connect(provider)

const response = await connectedSigner.sendTransaction({
  to: 'destination address',
  value: 123
})

const receipt = await response.wait()
console.log(receipt)

sign for a sequence wallet:

import { Session } from '@0xsequence/auth'
import { isValidMessageSignature } from '@0xsequence/provider'

const session = await Session.singleSigner({
  signer,
  projectAccessKey: 'my-project-access-key'
})

const message = ethers.utils.toUtf8Bytes('hello world')
const signature = await session.account.signMessage(message, chainId, 'eip6492')

console.log(isValidMessageSignature(session.account.address, message, signature, provider))

running tests

cp .env.sample .env

edit the .env file, then:

pnpm test

Keywords

sequence
sequence.js
0xsequence
google
kms
signer

FAQs

Package last updated on 27 Feb 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Critical Security Vulnerability in React Server Components

Security News

Critical Security Vulnerability in React Server Components

React disclosed a CVSS 10.0 RCE in React Server Components and is advising users to upgrade affected packages and frameworks to patched versions now.

By Sarah Gooding  -  Dec 03, 2025