hardhat icon indicating copy to clipboard operation
hardhat copied to clipboard
verified publisher icon NomicFoundation

Don't recommend putting private keys into a version-controlled file

Open danfinlay opened this issue 3 years ago • 3 comments

This doc page currently shows sample code that involves pasting a private key into a file that I find regularly version controlled around github.

This sounds like a recipe for private keys being leaked by developers.

Rather than this MVP example, I would recommend having an example that shows at least basic private key sanitation, like how #1748 shows that using a .env file is common.

danfinlay avatar Dec 27 '21 01:12 danfinlay

Thanks for the feedback. We are looking to implement ways to improve our key management and provide a long term solution.

In the meantime, we will take an action to review that doc page. Thanks again.

kanej avatar Jan 05 '22 10:01 kanej

This issue was marked as stale because it didn't have any activity in the last 30 days. If you think it's still relevant, please leave a comment indicating so. Otherwise, it will be closed in 7 days.

github-actions[bot] avatar Jun 04 '22 23:06 github-actions[bot]

@fvictorio I would like to work on this.

lilpolymath avatar Dec 14 '23 01:12 lilpolymath