@dropyacht/evm-signer
Advanced tools
The signer/ package contains libraries for signing messages and transactions with hardware security modules (HSMs).
At this time, only GCP KMS-managed HSMs are supported, but we hope to add support for AWS Cloud HSM, Azure Dedicated HSM, and self-hosted HSMs.
You'll need to set appropriate GOOGLE_APPLICATION_CREDENTIALS for submitting requests.
The easiest way is to create a service account with the roles/cloudkms.signer and roles/cloudkms.publicKeyViewer minimum permission set.
You should add a new JSON key to your service account, and download it. Then set
export GOOGLE_APPLICATION_CREDENTIALS=key.json
pointing to the downloaded keyfile.
You can install dependencies for the signer package with
npm install
You can build the signer package with
npm run build
You can test the signer package with
npm run test
which executes tests using jest. You'll need to have a running local Ethereum node with some default funded signers.
FAQs
A cloud HSM signer for EVM-compatible transactions.
The npm package @dropyacht/evm-signer receives a total of 4 weekly downloads. As such, @dropyacht/evm-signer popularity was classified as not popular.
We found that @dropyacht/evm-signer demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Company News
Socket is joining TC54 to help develop standards for software supply chain security, contributing to the evolution of SBOMs, CycloneDX, and Package URL specifications.
Security News
PyPI now allows maintainers to archive projects, improving security and helping users make informed decisions about their dependencies.
Research
Security News
Malicious npm package postcss-optimizer delivers BeaverTail malware, targeting developer systems; similarities to past campaigns suggest a North Korean connection.