kms

Version: v0.2.1

This package is not in the latest version of its module.
Published: Jul 17, 2023 License: MIT Imports: 13 Imported by: 0

README

EVM-Compatible KMS

A Key Management Service (KMS) client for EVM applications.

Dependencies

See go.mod

Status

This product is currently of beta quality; use it at your own risk.

TODOs

Tutorial

Create a config file

Create a JSON file containing the following information:

{
  "type": "gcp",
  "gcp": {
    "ProjectID": "evm-kms",
    "LocationID": "us-west1",
    "CredentialLocation": "/Users/SomeUser/.cred/gcp-credential.json",
    "Key": {
      "Keyring": "my-keying-name",
      "Name": "evm-ecdsa",
      "Version": "1"
    },
    "ChainID": 1
  },
  "aws": {
    "KeyID": "KEY_ID",
    "ChainID": 1,
    "Region": "AWS_REGION",
    "AccessKeyID": "ACCESS_KEY_ID",
    "SecretAccessKey": "SECRET_ACCESS_KEY",
    "SessionToken": "SESSION_TOKEN"
  }
}
  • If type = "gcp", the aws field is not needed.
  • If type = "aws", the gcp field is not needed.

Create a KMSSigner from the config file

kmsSigner, err := NewKMSSignerFromConfigFile("kms-config.json")
if err != nil {
	panic(err)
}
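
A pre-flight check for a config file in the format above, as an added example that is not part of the kms package or its README. `auditConfig` and the sample config are hypothetical, and the check goes beyond the README by also looking at the file's permission bits, because the aws section stores credentials in clear text.

```go
package main

import (
	"encoding/json"
	"fmt"
	"os"
)

// sampleConfig is constructed for this example, following the README's format.
const sampleConfig = `{"type": "gcp", "gcp": {"ProjectID": "evm-kms", "ChainID": 1},
  "aws": {"KeyID": "KEY_ID", "SecretAccessKey": "SECRET_ACCESS_KEY"}}`

// auditConfig is a hypothetical helper, not part of the kms package. It lists
// problems to fix before the file goes to NewKMSSignerFromConfigFile.
func auditConfig(raw []byte, mode os.FileMode) ([]string, error) {
	var cfg struct {
		Type string                 `json:"type"`
		GCP  map[string]interface{} `json:"gcp"`
		AWS  map[string]interface{} `json:"aws"`
	}
	if err := json.Unmarshal(raw, &cfg); err != nil {
		return nil, fmt.Errorf("parse config: %w", err)
	}
	// Each supported type maps to the section the README says is not needed.
	section, ok := map[string]map[string]interface{}{"gcp": cfg.AWS, "aws": cfg.GCP}[cfg.Type]
	if !ok {
		return nil, fmt.Errorf("unsupported type %q, want gcp or aws", cfg.Type)
	}
	hasSecret := false // true if any static AWS credential is stored in the file
	for _, k := range []string{"AccessKeyID", "SecretAccessKey", "SessionToken"} {
		if s, _ := cfg.AWS[k].(string); s != "" {
			hasSecret = true
		}
	}
	var findings []string
	if len(section) > 0 {
		findings = append(findings, "section for the unused provider is present")
	}
	if cfg.Type == "gcp" && hasSecret {
		findings = append(findings, "unused aws section holds static credentials")
	}
	if hasSecret && mode.Perm()&0077 != 0 {
		findings = append(findings, fmt.Sprintf("mode %04o exposes credentials to group/others", uint32(mode.Perm())))
	}
	return findings, nil
}

func main() {
	fmt.Println(auditConfig([]byte(sampleConfig), 0644))
}
```

For a real file, take `raw` from `os.ReadFile` and `mode` from `os.Stat(path)`.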

Contributions

You are encouraged to open an issue if you encounter a problem while using this code. Even better, you can open PRs against the main branch for functions you think are necessary.

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Config

type Config struct {
	// Type indicates which service we are using ('gcp', 'aws').
	Type string `json:"type"`

	// GcpConfig is the detail of the GCP KMS Config.
	GcpConfig gcpkms.Config `json:"gcp"`

	// AwsConfig is the detail of the AWS KMS Config.
	AwsConfig awskms.StaticCredentialsConfig `json:"aws"`
}

Config is the holder for the KMS service.

func LoadConfig

func LoadConfig(rawConfig map[string]interface{}) (*Config, error)

LoadConfig creates a Config from the given raw config data.

func LoadConfigFromJSONFile

func LoadConfigFromJSONFile(filePath string) (*Config, error)

LoadConfigFromJSONFile creates a Config from the given JSON config file.

func (Config) IsValid

func (cfg Config) IsValid() (bool, error)

IsValid checks if the current Config is valid.

type KMSSigner

type KMSSigner interface {
	// GetAddress returns the EVM address of the current signer.
	GetAddress() common.Address

	// GetPublicKey returns the EVM public key of the current signer.
	GetPublicKey() (*ecdsa.PublicKey, error)

	// SignHash performs a signing operation for a given digested message.
	SignHash(hash common.Hash) ([]byte, error)

	// GetDefaultEVMTransactor returns the default KMS-backed instance of bind.TransactOpts.
	GetDefaultEVMTransactor() *bind.TransactOpts

	// GetEVMSignerFn returns the KMS-backed bind.SignerFn instance.
	GetEVMSignerFn() bind.SignerFn

	// HasSignedTx checks if the given transaction has been signed by the KMS.
	HasSignedTx(*types.Transaction) (bool, error)

	// WithSigner assigns the given signer to the current KMSSigner.
	WithSigner(types.Signer)

	// WithChainID assigns the given chainID to the current KMSSigner.
	WithChainID(*big.Int)
}

KMSSigner specifies the required methods for a KMS signer.

func NewKMSSignerFromConfig added in v0.2.0

func NewKMSSignerFromConfig(cfg Config) (KMSSigner, error)

NewKMSSignerFromConfig creates and returns a new KMSSigner with the given config.

func NewKMSSignerFromConfigFile added in v0.2.0

func NewKMSSignerFromConfigFile(filePath string) (KMSSigner, error)

NewKMSSignerFromConfigFile creates and returns a new KMSSigner with the given config file.

Directories

Path    Synopsis
awskms  Package awskms uses the Amazon Web Services' Key Management Service to provide a signing interface for EVM-compatible transactions.
gcpkms  Package gcpkms uses the Google Cloud Platform's Key Management Service to provide a signing interface for EVM-compatible transactions.
