@mysten/signers
Advanced tools
The Sui KMS Signers package provides a set of tools for securely signing transactions using Key Management Services (KMS) like AWS KMS and GCP KMS.
The AWS KMS Signer allows you to leverage AWS's Key Management Service to sign Sui transactions.
import { AwsKmsSigner } from '@mysten/signers/aws';
const prepareSigner = async () => {
const { AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_REGION, AWS_KMS_KEY_ID } = process.env;
return AwsKmsSigner.fromKeyId(AWS_KMS_KEY_ID, {
region: AWS_REGION,
accessKeyId: AWS_ACCESS_KEY_ID,
secretAccessKey: AWS_SECRET_ACCESS_KEY,
});
};
Create an AWS KMS signer from AWS Key ID and AWS credentials. This method initializes the signer with the necessary AWS credentials and region information, allowing it to interact with AWS KMS to perform cryptographic operations.
const signer = await AwsKmsSigner.fromKeyId('your-kms-key-id', {
region: 'us-west-2',
accessKeyId: 'your-access-key-id',
secretAccessKey: 'your-secret-access-key',
});
Returns Promise<AwsKmsSigner> An instance of AwsKmsSigner.
Notice: AWS Signer requires Node >=20 due to dependency on crypto
The GCP KMS Signer allows you to leverage Google Cloud's Key Management Service to sign Sui transactions.
Create a GCP KMS signer from the provided options. This method initializes the signer with the necessary GCP credentials and configuration, allowing it to interact with GCP KMS to perform cryptographic operations.
options
object An
object containing GCP credentials and configuration.
const signer = await GcpKmsSigner.fromOptions({
projectId: 'your-google-project-id',
location: 'your-google-location',
keyRing: 'your-google-keyring',
cryptoKey: 'your-google-key-name',
cryptoKeyVersion: 'your-google-key-name-version',
});
// Retrieve the public key and get the Sui address
const publicKey = signer.getPublicKey();
console.log(publicKey.toSuiAddress());
// Define a test message
const testMessage = 'Hello, GCP KMS Signer!';
const messageBytes = new TextEncoder().encode(testMessage);
// Sign the test message
const { signature } = await signer.signPersonalMessage(messageBytes);
// Verify the signature against the public key
const isValid = await publicKey.verifyPersonalMessage(messageBytes, signature);
console.log(isValid); // Should print true if the signature is valid
The Ledger Signer allows you to leverage a Ledger hardware wallet to sign Sui transactions.
Creates a Ledger signer from the provided options. This method initializes the signer with the necessary configuration, allowing it to interact with a Ledger hardare wallet to perform cryptographic operations.
options
object An
object containing GCP credentials and configuration.
projectId
string
The GCP project ID.import Transport from '@ledgerhq/hw-transport-node-hid';
import SuiLedgerClient from '@mysten/ledgerjs-hw-app-sui';
import { LedgerSigner } from '@mysten/signers/ledger';
import { getFullnodeUrl, SuiClient } from '@mysten/sui/client';
import { Transaction } from '@mysten/sui/transactions';
const transport = await Transport.open(undefined);
const ledgerClient = new SuiLedgerClient(transport);
const suiClient = new SuiClient({ url: getFullnodeUrl('testnet') });
const signer = await LedgerSigner.fromDerivationPath(
"m/44'/784'/0'/0'/0'",
ledgerClient,
suiClient,
);
// Log the Sui address:
console.log(signer.toSuiAddress());
// Define a test transaction:
const testTransaction = new Transaction();
const transactionBytes = await testTransaction.build();
// Sign a test transaction:
const { signature } = await signer.signTransaction(transactionBytes);
console.log(signature);
FAQs
A collection of signers for various providers
We found that @mysten/signers demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 12 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub has revoked npm classic tokens for publishing; maintainers must migrate, but OpenJS warns OIDC trusted publishing still has risky gaps for critical projects.
Security News
Rust’s crates.io team is advancing an RFC to add a Security tab that surfaces RustSec vulnerability and unsoundness advisories directly on crate pages.
Security News
/Research
Socket found a Rust typosquat (finch-rust) that loads sha-rust to steal credentials, using impersonation and an unpinned dependency to auto-deliver updates.