ethereumjs-monorepo icon indicating copy to clipboard operation
ethereumjs-monorepo copied to clipboard

Published 20 hours ago verified publisher icon ethereumjs

Client Signer Setup

Open holgerd77 opened this issue 3 years ago • 2 comments

On a similar realm like #1870 taking into account that the client usage is getting more serious we should give our signer setup some strategic thinking. Should this remain in the client or rather extracted for security reasons? What are successful (secure) setups other clients have? Are there somewhat best practices to secure users PKs?

holgerd77 avatar Apr 29 '22 08:04 holgerd77

In the best case scenario we should be able to support communicating with external signers like clef, however I'm not sure how many people would use this option today so I'm not sure if it's worth spending the time to implement. This would be great for separating concerns and not needing to handle production PKs in the client.

We currently support PK through command line prompt and external file. These are useful for developer scenarios, e.g. the external file PK option was added for hive (CI) support.

ryanio avatar Apr 29 '22 17:04 ryanio

another popular signer I have seen is Web3Signer

ryanio avatar May 16 '22 22:05 ryanio

Outdated, will close.

holgerd77 avatar Feb 20 '24 11:02 holgerd77