-
Notifications
You must be signed in to change notification settings - Fork 353
/
signers.rs
140 lines (130 loc) · 4.6 KB
/
signers.rs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
use async_trait::async_trait;
use ethers::prelude::{AwsSigner, LocalWallet};
use eyre::{bail, eyre, Context, Report};
use rusoto_core::credential::EnvironmentProvider;
use rusoto_core::{HttpClient, Region};
use rusoto_kms::KmsClient;
use serde::Deserialize;
use tracing::instrument;
use hyperlane_core::{config::*, H256};
use crate::settings::KMS_CLIENT;
/// Signer types
#[derive(Default, Debug, Clone)]
pub enum SignerConf {
/// A local hex key
HexKey {
/// Private key value
key: H256,
},
/// An AWS signer. Note that AWS credentials must be inserted into the env
/// separately.
Aws {
/// The UUID identifying the AWS KMS Key
id: String,
/// The AWS region
region: Region,
},
/// Assume node will sign on RPC calls
#[default]
Node,
}
/// Raw signer types
#[derive(Debug, Deserialize, Default)]
#[serde(rename_all = "camelCase")]
pub struct RawSignerConf {
#[serde(rename = "type")]
signer_type: Option<String>,
key: Option<String>,
id: Option<String>,
region: Option<String>,
}
impl FromRawConf<'_, RawSignerConf> for SignerConf {
fn from_config_filtered(
raw: RawSignerConf,
cwp: &ConfigPath,
_filter: (),
) -> ConfigResult<Self> {
let key_path = || cwp + "key";
let region_path = || cwp + "region";
match raw.signer_type.as_deref() {
Some("hexKey") => Ok(Self::HexKey {
key: raw
.key
.ok_or_else(|| eyre!("Missing `key` for HexKey signer"))
.into_config_result(key_path)?
.parse()
.into_config_result(key_path)?,
}),
Some("aws") => Ok(Self::Aws {
id: raw
.id
.ok_or_else(|| eyre!("Missing `id` for Aws signer"))
.into_config_result(|| cwp + "id")?,
region: raw
.region
.ok_or_else(|| eyre!("Missing `region` for Aws signer"))
.into_config_result(region_path)?
.parse()
.into_config_result(region_path)?,
}),
Some(t) => Err(eyre!("Unknown signer type `{t}`")).into_config_result(|| cwp + "type"),
None if raw.key.is_some() => Ok(Self::HexKey {
key: raw.key.unwrap().parse().into_config_result(key_path)?,
}),
None => Ok(Self::Node),
}
}
}
impl SignerConf {
/// Try to convert the ethereum signer to a local wallet
#[instrument(err)]
pub async fn build<S: BuildableWithSignerConf>(&self) -> Result<S, Report> {
S::build(self).await
}
}
/// Builder trait for signers
#[async_trait]
pub trait BuildableWithSignerConf: Sized {
async fn build(conf: &SignerConf) -> Result<Self, Report>;
}
#[async_trait]
impl BuildableWithSignerConf for hyperlane_ethereum::Signers {
async fn build(conf: &SignerConf) -> Result<Self, Report> {
Ok(match conf {
SignerConf::HexKey { key } => hyperlane_ethereum::Signers::Local(LocalWallet::from(
ethers::core::k256::ecdsa::SigningKey::from(
ethers::core::k256::SecretKey::from_be_bytes(key.as_bytes())
.context("Invalid ethereum signer key")?,
),
)),
SignerConf::Aws { id, region } => {
let client = KMS_CLIENT.get_or_init(|| {
KmsClient::new_with_client(
rusoto_core::Client::new_with(
EnvironmentProvider::default(),
HttpClient::new().unwrap(),
),
region.clone(),
)
});
let signer = AwsSigner::new(client, id, 0).await?;
hyperlane_ethereum::Signers::Aws(signer)
}
SignerConf::Node => bail!("Node signer"),
})
}
}
#[async_trait]
impl BuildableWithSignerConf for fuels::prelude::WalletUnlocked {
async fn build(conf: &SignerConf) -> Result<Self, Report> {
Ok(match conf {
SignerConf::HexKey { key } => {
let key = fuels::signers::fuel_crypto::SecretKey::try_from(key.as_bytes())
.context("Invalid fuel signer key")?;
fuels::prelude::WalletUnlocked::new_from_private_key(key, None)
}
SignerConf::Aws { .. } => bail!("Aws signer is not supported by fuel"),
SignerConf::Node => bail!("Node signer is not supported by fuel"),
})
}
}