Security News
Internet Archive Hacked, 31 Million Record Compromised
The Internet Archive's "Wayback Machine" has been hacked and defaced, with 31 millions records compromised.
By Sarah Gooding - Oct 10, 2024
@rumblefishdev/eth-signer-kms
Advanced tools
@rumblefishdev/eth-signer-kms
Web3 provider that derives address and signs transactions using [AWS KMS](https://aws.amazon.com/kms/).
@rumblefishdev/eth-signer-kms
Web3 provider that derives address and signs transactions using AWS KMS.
Install
$ npm i @rumblefishdev/eth-signer-kms
Requirements
aws-sdk
In order to work properly AWS KMS managed key must be:
- asymmetric
- able to sign and verify
- ECC_SECG_P256K1 specified
Usage
* Before use, make sure that AWS SDK is properly configured! Find out how to do it here.
KMSProvider can be used as a standalone Web3 provider and within Truffle config. It's based on @truffle/hdwallet-provider so wallet non-related params (providerOrUrl, shareNonce, poolingInterval and chainId) remain the same.
keyId can be obtained via KMS package of aws-sdk or directly via AWS console.
Parameters:
| Parameter | Type | Default | Required | Description |
|---|---|---|---|---|
keyId | string | null | [x] | Key ID of AWS KMS managed private key. |
providerOrUrl | string/object | null | [x] | Official doc |
shareNonce | boolean | true | [ ] | Official doc |
pollingInterval | number | 4000 | [ ] | Official doc |
chainId | number/string | undefined | [ ] | Official doc |
Examples
Truffle usage example - TODO Web3 provider usage - TODO
Credits:
FAQs
Sign ethereum transaction/messages using KMS service from AWS
The npm package @rumblefishdev/eth-signer-kms receives a total of 510 weekly downloads. As such, @rumblefishdev/eth-signer-kms popularity was classified as not popular.
We found that @rumblefishdev/eth-signer-kms demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Package last updated on 25 Jun 2021
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
TC39 Advances 10+ ECMAScript Proposals: Key Features to Watch
TC39 is meeting in Tokyo this week and they have approved nearly a dozen proposals to advance to the next stages.
By Sarah Gooding - Oct 09, 2024
Security News
Nightmares on npm: How Two Malicious Packages Facilitate Data Theft and Destruction
Our threat research team breaks down two malicious npm packages designed to exploit developer trust, steal your data, and destroy data on your machine.
By Kush Pandya - Oct 09, 2024