npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

fcl-kms-authorizer

v0.0.16

Published

AWS KMS authorizer (signer) for Flow blockchain.

Downloads

385

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

avcdsldavcdsld

Keywords

flowkmsfclonflowsigner

Readme

npm version test

fcl-kms-authorizer

AWS KMS authorizer (signer) for Flow blockchain.

Install

$ npm install fcl-kms-authorizer

Examples

See send-tx.ts.

import * as fcl from "@onflow/fcl";
import { send as httpSend } from "@onflow/transport-http";
import { KmsAuthorizer } from "fcl-kms-authorizer";
import { fromEnv } from "@aws-sdk/credential-providers";

const region = "us-east-1";
const keyIds = ["xxxxx-xxxx-xxxx-xxxx-xxxxxxxx"];
const apiUrl = "http://localhost:8888";

fcl.config().put("accessNode.api", apiUrl).put("sdk.transport", httpSend);

async function main() {
  // Create an instance of the authorizer
  const authorizer = new KmsAuthorizer(
    // The first argument can be the same as the option for AWS client.
    {
      credentials: fromEnv(), // see. https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-providers#fromenv
      region,
    },
    keyIds
  );

  // Get public key
  const publicKey = await authorizer.getPublicKey();
  console.log("publicKey:", publicKey);

  // Sign and send transactions with KMS
  //

  // `address` and `keyIndexes` obtained when the account was created.
  const address = "01cf0e2f2f715450";
  const keyIndexes = [0];

  const authorization = authorizer.authorize(address, keyIndexes);

  const response = await fcl.send([
    fcl.transaction`
      transaction {
        prepare(signer: AuthAccount) {
          log('Test transaction signed by fcl-kms-authorizer')
        }
      }
    `,
    fcl.args([]),
    fcl.proposer(authorization),
    fcl.authorizations([authorization]),
    fcl.payer(authorization),
    fcl.limit(9999),
  ]);
  await fcl.tx(response).onceSealed();

  console.log("Transaction Succeeded");

  // Sign a user message with KMS
  const signer = authorizer.getSigner();
  const signature = await signer.signUserMessage("test message");
  console.log("User Signature:", signature);
}

main().catch((e) => console.error(e));

How to set up AWS KMS

Flow and this library support asymmetric keys of secp256k1. Therefore, you need to generate a key in AWS KMS with the following settings:

  • Key type: Asymmetric
  • Key usage: Sign and verify
  • Key spec: ECC_SECG_P256K1

Create Key

Configure Key

Once the key is generated, you will get the Key ID.

Key Info

* Note: These UIs are subject to change.

How to create a Flow account

Flow blockchain requires you to create an account with this public key in advance.

Once the account is created, the address and key index are determined.

There are several ways to create an account. For details, please refer to Flow documentation.

  • Using Flow CLI
    • Ref: https://docs.onflow.org/flow-cli/create-accounts
  • Using Flow Testnet Faucet (for Testnet)
    • Ref: https://docs.onflow.org/dapp-deployment/testnet-deployment#creating-an-account
  • Using Flow Go SDK
    • Ref: https://docs.onflow.org/flow-go-sdk/creating-accounts
  • Using Flow JavaScript SDK

To obtain the public key needed to create an account, execute the following code.

// Get the public key
const publicKey = await authorizer.getPublicKey();

// -> e.g. a4e58eac80de2e8c37fea02a1b898623a73e729878d449649e68c7485c94d887b607439d94d6cad68134681443dd9b83d87312d08b6d6cf3f08e7f7fbd5f782e

An example of creating an account using Flow CLI is shown below:

# Single key
$ flow accounts create \
      --sig-algo ECDSA_secp256k1 \
      --key a4e58eac80de2e8c37fea02a1b898623a73e729878d449649e68c7485c94d887b607439d94d6cad68134681443dd9b83d87312d08b6d6cf3f08e7f7fbd5f782e

# Multiple keys
$ flow accounts create \
      --sig-algo ECDSA_secp256k1 \
      --key a4e58eac80de2e8c37fea02a1b898623a73e729878d449649e68c7485c94d887b607439d94d6cad68134681443dd9b83d87312d08b6d6cf3f08e7f7fbd5f782e,3ccefe05e593c5333f26d1642718ac4ab5d7ebb1ddf23b078e0afcb6e2e39a7c307669209124dc038348af6f61b9a70e86a8b7c384c8fd0ba4346ae3f4246cfe \
      --key-weight 1000,1000

Also, if you want to use Flow Testnet Faucet, choose the following settings. (Note: UI is subject to change)

Key Info

Security caveats

This library is designed for backend or administrative frontend use; be careful not to expose your AWS access information to users.

With the asymmetric keys in AWS KMS, no one can steal your private key. However, please be careful not to disclose access to the signing function to anyone.