Go Ethereum Aws Kms Tx Signer
| Project Name | Stars | Downloads | Repos Using This | Packages Using This | Most Recent Commit | Total Releases | Latest Release | Open Issues | License | Language |
|---|---|---|---|---|---|---|---|---|---|---|
| Ethereum Etl | 2,547 | 3 days ago | 37 | May 24, 2022 | 132 | mit | Python | |||
| Python scripts for ETL (extract, transform and load) jobs for Ethereum blocks, transactions, ERC20 / ERC721 tokens, transfers, receipts, logs, contracts, internal transactions. Data is available in Google BigQuery https://goo.gl/oY5BCQ | ||||||||||
| Dynamodb Transactions | 325 | 2 years ago | 5 | apache-2.0 | Java | |||||
| Aws | 230 | 123 | 2 months ago | 73 | November 04, 2022 | 49 | bsd-3-clause | Haskell | ||
| Amazon Web Services for Haskell | ||||||||||
| Kinesis Streams Fan Out Kinesis Analytics | 92 | 3 years ago | 7 | apache-2.0 | JavaScript | |||||
| Amazon Kinesis Streams fan-out via Kinesis Analytics (powered by the Serverless Framework) | ||||||||||
| Aws Step Functions Long Lived Transactions | 91 | 2 years ago | 2 | mit-0 | Go | |||||
| Deal with the complexities of dealing with a long lived transaction across distributed components in your microservices architecture using AWS Step Functions. | ||||||||||
| Indyscan | 59 | a month ago | 35 | isc | JavaScript | |||||
| Hyperldger Indy Transaction Explorer | ||||||||||
| Sesdashboard | 46 | 6 months ago | 2 | February 07, 2021 | 10 | mit | PHP | |||
| Analytics and activity tracking dashboard for AWS Simple Email Service | ||||||||||
| Go Ethereum Aws Kms Tx Signer | 42 | a month ago | 1 | mit | Go | |||||
| Ethereum transaction signer using AWS KMS keys. An extension for the go ethereum client library. | ||||||||||
| Saga Pattern Nodejs Aws | 19 | 2 years ago | 18 | apache-2.0 | TypeScript | |||||
| An implementation of Saga pattern for distributed transactions with NodeJS and AWS | ||||||||||
| Stiva | 17 | 6 months ago | 1 | TypeScript | ||||||
| Multicontent serverless cms on AWS with cognito, dynamodb and appsync based on AWS CDK | ||||||||||
AWS KMS transaction signer for go-ethereum
At welthee we are using AWS KMS managed private keys to sign Ethereum transactions.
This little package eases integration with AWS KMS in your GoLang Ethereum project, by extending the functionality offered by the official go-ethereum library.
Import
import "github.com/welthee/go-ethereum-aws-kms-tx-signer/v2"
Usage
In order to sign Ethereum transactions with an AWS KMS key you need to create a KMS key in AWS, and grant your application's principal access to use it.
Then, modify your Ethereum transactor code to use the bind.TransactOpts that this library returns.
Create an AWS KMS key
Create an AWS KMS Assymetric key with key usage of SIGN_VERIFY and spec ECC_SECG_P256K1. Make sure that you add an
appropriate key policy granting your code the following permissions:
kms:GetPublicKey, kms:Sign.
Example key policy:
{
"Sid": "AllowSignAndGetPublicKey",
"Effect": "Allow",
"Resource": "*",
"Principal": {
"AWS": [
"arn:aws:iam::111122223333:user/CMKUser",
"arn:aws:iam::111122223333:role/CMKRole",
"arn:aws:iam::444455556666:root"
]
},
"Action": [
"kms:Sign",
"kms:GetPublicKey"
]
}
Your transactor code
The abigen tool generates bindings that are able to directly operate with the *bind.TransactOpts type.
For instance an IERC20 transactor integrated with the KMS signer would look like this:
var client *ethclient.client
var kmsSvc *kms.KMS
var chainID *big.Int
var erc20Address common.Address
transactor, _ := internal.NewIERC20Transactor(erc20Address, client)
transactOpts := ethawskmssigner.NewAwsKmsTransactorWithChainID(kmsSvc, keyId, chainId)
tx, err := transactor.Transfer(transactOpts, toAddress, big.NewInt(amountInt))
Note how the ethawskmssigner.NewAwsKmsTransactorWithChainID(...) returns a ready to use *bind.TransactOpts.
In order to use in manually constructed transactions, you can use the Signer to sign your transaction yourself. Example:
transactOpts, _ := ethawskmssigner.NewAwsKmsTransactorWithChainID(kmsSvc, keyId, clChainId)
tx := types.NewTransaction(nonce, toAddress, value, gasLimit, gasPrice, nil)
signedTx, _ := transactOpts.Signer(transactOpts.From, tx)
err = client.SendTransaction(context.TODO(), signedTx)
