Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
ethers-gcp-kms-signer
Advanced tools
Changelog
Readme
This is a wallet or signer that can be used together with Ethers.js applications.
npm i ethers-gcp-kms-signer
Create your asymmetric key as follows: https://cloud.google.com/kms/docs/creating-asymmetric-keys
Add the new service account to GCP with the correct KMS roles: Crypto KMS Signer
, Verifier
, Viewer
Provide the GCP service account credentials using an environment variable called GOOGLE_APPLICATION_CREDENTIALS
here
Use the GcpKmsSigner
constructor as shown below, and that will resolve the correct key to sign the transaction.
import { GcpKmsSigner } from "ethers-gcp-kms-signer";
const kmsCredentials = {
projectId: "gcp-project-id", // your project id in gcp
locationId: "global", // the location where your key ring was created
keyRingId: "kr-1", // the id of the key ring
keyId: "key-name", // the name/id of your key in the key ring
keyVersion: "1", // the version of the key
};
const provider = ethers.providers.getDefaultProvider("ropsten");
let signer = new GcpKmsSigner(kmsCredentials);
signer = signer.connect(provider);
const tx = await signer.sendTransaction({
to: "0xE94E130546485b928C9C9b9A5e69EB787172952e",
value: ethers.utils.parseEther("0.01"),
});
console.log(tx);
git clone
this repo
$ git clone https://github.com/openlawteam/ethers-gcp-kms-signer my-module
$ cd my-module
$ rm -rf .git
$ npm install # or yarn
Just make sure to edit package.json
, README.md
and LICENSE
files accordingly with your module's info.
$ npm test # run tests with Jest
$ npm run coverage # run tests with coverage
$ npm run lint # lint code
$ npm run build # generate docs and transpile code
This boiler plate uses the semantic-release package to manage versioning. Once it has been set up, version numbers and Github release changelogs will be automatically managed. semantic-release uses the commit messages to determine the type of changes in the codebase. Following formalized conventions for commit messages, semantic-release automatically determines the next semantic version number, generates a changelog and publishes the release.
Use npm run commit
instead of git commit
in order to invoke Commitizen commit helper that helps with writing properly formatted commit messages.
MIT
All the credits to
RJ Chow for integrating AWS KMS signer with Ethers.js and share that with everyone at https://github.com/rjchow/ethers-aws-kms-signer
Lucas Henning for doing the legwork on parsing the AWS KMS signature and public key asn formats: https://luhenning.medium.com/the-dark-side-of-the-elliptic-curve-signing-ethereum-transactions-with-aws-kms-in-javascript-83610d9a6f81
FAQs
An Ethers.js compatible signer that connects to GCP KMS
The npm package ethers-gcp-kms-signer receives a total of 1,782 weekly downloads. As such, ethers-gcp-kms-signer popularity was classified as popular.
We found that ethers-gcp-kms-signer demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.