Security News
Internet Archive Hacked, 31 Million Record Compromised
The Internet Archive's "Wayback Machine" has been hacked and defaced, with 31 millions records compromised.
@rumblefishdev/eth-signer-kms
Advanced tools
Sign ethereum transaction/messages using KMS service from AWS
Web3 signer that derives address and signs transactions using AWS KMS.
$ npm i @rumblefishdev/eth-signer-kms
aws-sdk
In order to work properly AWS KMS managed key must be:
Client using the library should have the following IAM permissions to the key that it uses:
- Effect: Allow
Action:
- 'kms:Sign'
- 'kms:GetPublicKey'
Resource: !Ref KMSKeyArn
KMSSigner is an ethers Signer
instance that uses AWS KMS stored keys to sign ethereum transactions.
keyId
can be obtained via KMS
package of aws-sdk
or directly via AWS console.
https://github.com/ethereumjs/ethereumjs-monorepo
Parameter | Type | Default | Required | Description |
---|---|---|---|---|
keyId | string | null | [x] | Key ID of AWS KMS managed private key |
provider | providers.Provider | null | [x] | Official doc |
kmsInstance | AWS.KMS | new AWS.KMS() | [ ] | KMS instance from Official doc |
new KMSSigner(provider, keyId, kms)
await kmsSigner.signMessage(...)
await kmsSigner._signTypedData(...)
await getEthAddressFromKMS(...)
KMSProvider
class became KMSSigner
, as its instance no longer creates provider but receives one in constructor.
That approach extracts provider dependency from the package and as a result makes it more flexible in terms of use and testing.
Parameter | Type | Default | Required | Description |
---|---|---|---|---|
keyId | string | null | [x] | Key ID of AWS KMS managed private key |
providerOrUrl | string/object | null | [x] | Official doc |
chainSettings | Common | {} | [ ] | Common object used to configure tx options. If chainId is not passed, it will be obtained automatically via eth_chainId . For details instructions please refer to Common and Tx official docs |
shareNonce | boolean | true | [ ] | Official doc |
pollingInterval | number | 4000 | [ ] | Official doc |
FAQs
Sign ethereum transaction/messages using KMS service from AWS
We found that @rumblefishdev/eth-signer-kms demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The Internet Archive's "Wayback Machine" has been hacked and defaced, with 31 millions records compromised.
Security News
TC39 is meeting in Tokyo this week and they have approved nearly a dozen proposals to advance to the next stages.
Security News
Our threat research team breaks down two malicious npm packages designed to exploit developer trust, steal your data, and destroy data on your machine.