Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@conduitxyz/hardhat-gcp-kms-signer

Package Overview
Dependencies
Maintainers
2
Versions
4
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@conduitxyz/hardhat-gcp-kms-signer

Sign Hardhat deployment transactions using KMS key

  • 1.1.6
  • latest
  • Source
  • npm
  • Socket score
Version published
Weekly downloads
0
decreased by-100%
Maintainers
2
Weekly downloads
 
Created
Source

Hardhat Google Cloud KMS Signer

This plugin signs Ethereum transaction using KMS key during deployments.

  • Inspired by @rumblefishdev/hardhat-kms-signer
  • Downgraded to work with hardhat@2.9.6

Usage

It's assumed that you have AWS access configured and your role perform kms:sign using KMS key.

In hardhat.config.ts do:

import "@conduit-xyz/hardhat-gcp-kms-signer";

...

const config: HardhatUserConfig = {
  networks: {
    ropsten: {
      url: `https://ropsten.infura.io/v3/${process.env.INFURA_KEY}`,
      gcpKmsKeyName: "YOUR KMS KEY ID"
    }
  }
}

Learn your address

$ node_modules/.bin/hardhat console --network ropsten
Creating Typechain artifacts in directory types for target ethers-v5
Successfully generated Typechain artifacts!
Welcome to Node.js v12.22.6.
> getNamedAccounts().then(console.log)
Promise { <pending> }
> { deployer: '0x541dD0eC22fB1213d2C2B1fc83B5F302cEFF79A2' }

Remember to fund your address with some ETH before deploying.

Minimal EIP1559 gas values

On less crowded networks (such as Sepolia) there may be situations where automatic gas provider will set maxFeePerGas & maxPriorityFeePerGas near 0 (when empty blocks are mined). To prevent this you can set minimal values for them in config:

import "@conduit-xyz/hardhat-gcp-kms-signer";

...

const config: HardhatUserConfig = {
  networks: {
    ropsten: {
      url: `https://ropsten.infura.io/v3/${process.env.INFURA_KEY}`,
      gcpKmsKeyName: "YOUR KMS KEY ID",
      minMaxFeePerGas: 1600000000,
      minMaxPriorityFeePerGas: 1200000000
    }
  }
}

Keywords

FAQs

Package last updated on 23 Mar 2023

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft

Security News

Research

Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft

Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.

By Kirill Boychenko  -  Nov 27, 2024
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc