0.5.1 • Published 1 year ago

@mon-studios/kms-signer v0.5.1

Weekly downloads
-
License
ISC
Repository
-
Last release
1 year ago

@mon-studios/kms-signer

This is a fork of @rumblefishdev/eth-signer-kms. We thank the original developer for his work in building this library.

Web3 signer that derives address and signs transactions using AWS KMS.

Install

$ npm i @mon-studios/kms-signer

Requirements

aws-sdk

In order to work properly AWS KMS managed key must be:

  • asymmetric
  • able to sign and verify
  • ECC_SECG_P256K1 specified

IAM permissions

Client using the library should have the following IAM permissions to the key that it uses:

  - Effect: Allow
    Action:
      - 'kms:Sign'
      - 'kms:GetPublicKey'
    Resource: !Ref KMSKeyArn

Usage

* Before use, make sure that AWS SDK is properly configured! Find out how to do it here.

KMSSigner is an ethers Signer instance that uses AWS KMS stored keys to sign ethereum transactions.

keyId can be obtained via KMS package of aws-sdk or directly via AWS console. https://github.com/ethereumjs/ethereumjs-monorepo

Parameters:

ParameterTypeDefaultRequiredDescription
keyIdstringnullxKey ID of AWS KMS managed private key
providerproviders.ProvidernullxOfficial doc
kmsInstanceAWS.KMSnew AWS.KMS() KMS instance from Official doc

Examples

For working examples, refer to the tests.

KmsSigner
  • KmsSigner initialization
new KMSSigner(provider, keyId, kms)
  • signMessage
await kmsSigner.signMessage(...)
  • _signTypedData
await kmsSigner._signTypedData(...)
function getEthAddressFromKMS
  • getEthAddressFromKMS
await getEthAddressFromKMS(...)