@mysten/signers
v0.6.2
Published
A collection of signers for various providers
Maintainers
ebmifa
awelc
jordangens
damirka
jkmysten
ricknies
m_liolios
paul-mysten
cg_myst
yannis.chatzi
rushrs
korterpoundbytesKeywords
Readme
Sui KMS Signers
The Sui KMS Signers package provides a set of tools for securely signing transactions using Key Management Services (KMS) like AWS KMS and GCP KMS.
Table of Contents
AWS KMS Signer
The AWS KMS Signer allows you to leverage AWS's Key Management Service to sign Sui transactions.
Usage
import { AwsKmsSigner } from '@mysten/signers/aws';
const prepareSigner = async () => {
const { AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_REGION, AWS_KMS_KEY_ID } = process.env;
return AwsKmsSigner.fromKeyId(AWS_KMS_KEY_ID, {
region: AWS_REGION,
accessKeyId: AWS_ACCESS_KEY_ID,
secretAccessKey: AWS_SECRET_ACCESS_KEY,
});
};API
fromKeyId
Create an AWS KMS signer from AWS Key ID and AWS credentials. This method initializes the signer with the necessary AWS credentials and region information, allowing it to interact with AWS KMS to perform cryptographic operations.
Parameters
Examples
const signer = await AwsKmsSigner.fromKeyId('your-kms-key-id', {
region: 'us-west-2',
accessKeyId: 'your-access-key-id',
secretAccessKey: 'your-secret-access-key',
});Returns Promise<AwsKmsSigner> An instance of AwsKmsSigner.
Notice: AWS Signer requires Node >=20 due to dependency on crypto
GCP KMS Signer
The GCP KMS Signer allows you to leverage Google Cloud's Key Management Service to sign Sui transactions.
Usage
fromOptions
Create a GCP KMS signer from the provided options. This method initializes the signer with the necessary GCP credentials and configuration, allowing it to interact with GCP KMS to perform cryptographic operations.
Parameters
optionsobject An object containing GCP credentials and configuration.
Examples
const signer = await GcpKmsSigner.fromOptions({
projectId: 'your-google-project-id',
location: 'your-google-location',
keyRing: 'your-google-keyring',
cryptoKey: 'your-google-key-name',
cryptoKeyVersion: 'your-google-key-name-version',
});
// Retrieve the public key and get the Sui address
const publicKey = signer.getPublicKey();
console.log(publicKey.toSuiAddress());
// Define a test message
const testMessage = 'Hello, GCP KMS Signer!';
const messageBytes = new TextEncoder().encode(testMessage);
// Sign the test message
const { signature } = await signer.signPersonalMessage(messageBytes);
// Verify the signature against the public key
const isValid = await publicKey.verifyPersonalMessage(messageBytes, signature);
console.log(isValid); // Should print true if the signature is validLedger Signer
The Ledger Signer allows you to leverage a Ledger hardware wallet to sign Sui transactions.
Usage
fromDerivationPath
Creates a Ledger signer from the provided options. This method initializes the signer with the necessary configuration, allowing it to interact with a Ledger hardare wallet to perform cryptographic operations.
Parameters
optionsobject An object containing GCP credentials and configuration.projectIdstring The GCP project ID.
Examples
import Transport from '@ledgerhq/hw-transport-node-hid';
import SuiLedgerClient from '@mysten/ledgerjs-hw-app-sui';
import { LedgerSigner } from '@mysten/signers/ledger';
import { getFullnodeUrl, SuiClient } from '@mysten/sui/client';
import { Transaction } from '@mysten/sui/transactions';
const transport = await Transport.open(undefined);
const ledgerClient = new SuiLedgerClient(transport);
const suiClient = new SuiClient({ url: getFullnodeUrl('testnet') });
const signer = await LedgerSigner.fromDerivationPath(
"m/44'/784'/0'/0'/0'",
ledgerClient,
suiClient,
);
// Log the Sui address:
console.log(signer.toSuiAddress());
// Define a test transaction:
const testTransaction = new Transaction();
const transactionBytes = await testTransaction.build();
// Sign a test transaction:
const { signature } = await signer.signTransaction(transactionBytes);
console.log(signature);