@rumblefishdev/eth-signer-kms

Web3 signer that derives address and signs transactions using AWS KMS.

Install

$ npm i @rumblefishdev/eth-signer-kms

Requirements

aws-sdk

To work properly, the AWS KMS managed key must be:

  • asymmetric
  • able to sign and verify
  • created with the ECC_SECG_P256K1 key spec

IAM permissions

The client using the library should have the following IAM permissions on the key that it uses:

  - Effect: Allow
    Action:
      - 'kms:Sign'
      - 'kms:GetPublicKey'
    Resource: !Ref KMSKeyArn
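
A preflight check for the two requirement lists above, as an added example that is not part of @rumblefishdev/eth-signer-kms: it inspects the KeyMetadata returned by KMS DescribeKey and one IAM statement in JSON form. The function names, the sample ARN and the sample objects are constructed for illustration, and calling DescribeKey needs kms:DescribeKey, which the signer's own policy above does not grant. The checks also assume that SIGN_VERIFY is the key usage meant by "able to sign and verify" and that the key must be in the Enabled state.

```javascript
// Added example: preflight checks for the key and IAM statement (not part of the library).
const REQUIRED_SPEC = 'ECC_SECG_P256K1';
const NEEDED_ACTIONS = ['kms:Sign', 'kms:GetPublicKey'];

// meta: the KeyMetadata object returned by KMS DescribeKey.
function checkKeyMetadata(meta) {
  const problems = [];
  // Older responses carry the spec in CustomerMasterKeySpec instead of KeySpec.
  const spec = meta.KeySpec || meta.CustomerMasterKeySpec;
  if (spec !== REQUIRED_SPEC) problems.push(`key spec is ${spec}, expected ${REQUIRED_SPEC}`);
  if (meta.KeyUsage !== 'SIGN_VERIFY') problems.push(`key usage is ${meta.KeyUsage}, expected SIGN_VERIFY`);
  if (meta.KeyState !== 'Enabled') problems.push(`key state is ${meta.KeyState}, expected Enabled`);
  return problems;
}

// True when an IAM action pattern (only the * wildcard is handled) matches an action name.
function covers(pattern, action) {
  const escaped = pattern.replace(/[.+?^${}()|[\]\\]/g, '\\$&').replace(/\*/g, '.*');
  return new RegExp(`^${escaped}$`, 'i').test(action);
}

// stmt: one IAM policy statement in JSON form; keyArn: ARN of the signing key.
function checkStatement(stmt, keyArn) {
  const problems = [];
  const actions = [].concat(stmt.Action);
  if (stmt.Effect !== 'Allow') problems.push('statement is not an Allow');
  for (const needed of NEEDED_ACTIONS) {
    if (!actions.some((a) => covers(a, needed))) problems.push(`missing action ${needed}`);
  }
  for (const a of actions) {
    const exact = NEEDED_ACTIONS.some((n) => n.toLowerCase() === String(a).toLowerCase());
    if (!exact) problems.push(`action ${a} is not needed by the signer`);
  }
  for (const r of [].concat(stmt.Resource)) {
    if (r !== keyArn) problems.push(`resource ${r} is not the signing key ARN`);
  }
  return problems;
}

// Constructed sample inputs; the ARN uses a placeholder account and key ID.
const SAMPLE_ARN = 'arn:aws:kms:eu-west-1:111122223333:key/EXAMPLE-KEY-ID';
const goodKey = { KeySpec: 'ECC_SECG_P256K1', KeyUsage: 'SIGN_VERIFY', KeyState: 'Enabled' };
const wrongKey = { KeySpec: 'RSA_2048', KeyUsage: 'ENCRYPT_DECRYPT', KeyState: 'Disabled' };
const tightStmt = { Effect: 'Allow', Action: NEEDED_ACTIONS, Resource: SAMPLE_ARN };
const broadStmt = { Effect: 'Allow', Action: 'kms:*', Resource: '*' };

console.log(checkKeyMetadata(goodKey), checkKeyMetadata(wrongKey));
console.log(checkStatement(tightStmt, SAMPLE_ARN), checkStatement(broadStmt, SAMPLE_ARN));
```

An empty array from both functions means the key and the statement match what the README asks for.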

Usage

* Before use, make sure that the AWS SDK is properly configured! Find out how to do it here.

KMSSigner is an ethers Signer instance that uses keys stored in AWS KMS to sign Ethereum transactions.

keyId can be obtained via the KMS package of aws-sdk or directly via the AWS console. https://github.com/ethereumjs/ethereumjs-monorepo

Parameters:

| Parameter | Type | Default | Required | Description |
| --- | --- | --- | --- | --- |
| keyId | string | null | [x] | Key ID of AWS KMS managed private key |
| provider | providers.Provider | null | [x] | Official doc |
| kmsInstance | AWS.KMS | new AWS.KMS() | [ ] | KMS instance from Official doc |

Examples

KMSSigner

const kmsSigner = new KMSSigner(provider, keyId, kms)
await kmsSigner.signMessage(...)
await kmsSigner._signTypedData(...)

function getEthAddressFromKMS

await getEthAddressFromKMS(...)

Migration from v1.7.0 to v2.0.0:

The KMSProvider class became KMSSigner, as its instance no longer creates a provider but receives one in the constructor.

That approach extracts the provider dependency from the package and, as a result, makes it more flexible to use and test.

Version 1.7.0:

| Parameter | Type | Default | Required | Description |
| --- | --- | --- | --- | --- |
| keyId | string | null | [x] | Key ID of AWS KMS managed private key |
| providerOrUrl | string/object | null | [x] | Official doc |
| chainSettings | Common | {} | [ ] | Common object used to configure tx options. If chainId is not passed, it will be obtained automatically via eth_chainId. For detailed instructions, please refer to the Common and Tx official docs |
| shareNonce | boolean | true | [ ] | Official doc |
| pollingInterval | number | 4000 | [ ] | Official doc |

Credits:

@lucashenning @truffle team