by

Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
    Trent Mohay
    @rain-on
    Hi @coeniebeyers, Azure does the signing and returns a signature which is incorporated to the transaction - the private key never leaves Azure.
    oussamachaabouni
    @oussamachaabouni
    Hello , How to get the accounts in my ibft network ? is it only by getting ethsigner and eth_accounts ?? thank you
    Trent Mohay
    @rain-on
    @oussamachaabouni When eth_accounts is called on EthSigner, ethSIgner responds with the list list of addresses that it is able to sign transactions for; otherwise:
    When you create a new network, the initial accounts and their balances are specified in the genesis file. It is critical the private keys associated with each account are known by the people who control said account.
    oussamachaabouni
    @oussamachaabouni
    okey thank you .. and how can i create a new account ? ( i am new in hyperledger besu, it s for a project in my academic project ) thank you
    alluminoustech
    @alluminoustech
    hey guys Im trying to sign transactions from a contract on ropsten using ethSigner, that's possible?
    Trent Mohay
    @rain-on
    @oussamachaabouni all accounts technically exist in Ethereum - however, they all contain 0-eth unless they have either been allocated funds at network creation (genesis file), or have had funds transferred to them via a transaction
    @alluminoustech Ethsigner is able to sign transaction using the private keys loaded at startup (file, hashicorp vault or azure). Ethsigner is able to submit signed transactions to any web3 provider, no matter which network it is connected to.
    Can you clarify what you mean by "transctions from a contract"?
    alluminoustech
    @alluminoustech
    Can I use ethsigner to sign transactions and messages for an ethereum smartcontract without the need of the hyperledger stack?
    Trent Mohay
    @rain-on
    @alluminoustech ethSigner is a proxy service, which signs ethereum transactions and forwards them to the connected web3-provider (typically, Besu)
    Trent Mohay
    @rain-on
    Meaning, no - you do not need a hyperleder stack - only Ethsigner and Besu.
    alluminoustech
    @alluminoustech
    great, Im trying to use ethSigner as provider for my web3, that's possible? do you have any documentation about that?
    ccolorado
    @ccolorado
    @rain-on Is besu a hard dependency or it be replaces by somehting like geth ?
    Zain
    @sprect8
    Hi everyone, I went through the EthSigner source code and extended it to support Infura (Rinkeby), Azure Key Vault and signing messages using Azure Key Vault through EthSigner. I wrote a long article about it which I hope will be useful to everyone. https://medium.com/@corgi.desu/a-study-on-blockchain-key-management-systems-part-1-a668eedee058?source=friends_link&sk=f888e20f58b769bb638f427eaf5306ec
    Trent Mohay
    @rain-on
    @ccolorado Besu is not a hard dependency - ethsigner should work in front of any web3 provider (eg geth, parity; though isn't actively tested), having said that I'm partial to Besu (given I'm a maintainer) :)
    @sprect8 nice work with the ethsigner mods! I'm thinking the change you made with URL vs IP should be rolled into the main repo, definitely useful - care to raise it as a PR?
    Zain
    @sprect8
    @rain-on thanks! I will raise a PR
    Arvs Indrarys
    @ArvsIndrarys
    Hi all!
    Is there a way to sign blocks of hyperledger besu using EthSigner?
    Like instead of giving it a key file, rather make him call EthSigner
    ccolorado
    @ccolorado
    @rain-on thanks
    Arash
    @arash009
    @ArvsIndrarys no unfortunately not. The restriction is more in Besu rather than Ethsigner. Is the concern the security of the node key stored in Besu?
    Arvs Indrarys
    @ArvsIndrarys
    @arash009 on besu, the private key used is stored plain, with the reference of the file location in the node's config. It would have been better to have it more secret.
    By the way ; I saw in the source code that :
    • for Azure, ethsigner initializes a connexion to Azure KeyVault ; calling its signature API endpoint
    • for HashiCorp Vault, ethsigner extracts the private key to generate a web3j credentials.
      Is there a way to link EthSigner to be able to use not a single but several key from these Keystores?
    like, extracting the 'from' field in a transaction and then look for its associated file/keyvault endpoint/vault secret -- or is it working that way currently and I did not find it?
    Trent Mohay
    @rain-on
    @ArvsIndrarys Ethsigner has a "mult-key" signing mode (https://docs.ethsigner.pegasys.tech/en/latest/Reference/Multikey-Parameters/) - it allows you to specify a directory which is to contain toml files - each of which describes/defines how a key can be loaded (file-based, azure, hashicorp etc).
    Btw - Azure supports the secp256k1 curve, and thus the signing operation is performed in azure - Hashicorp (At the time of code-creation) did not support the curve, so the private key is extracted, and signatures produced locally.
    Arvs Indrarys
    @ArvsIndrarys
    @rain-on thanks !
    juharahmed
    @juharahmed
    Hi guys does EthSigner support multi signature transaction? By multi signature, i meant a transaction that is signed by multiple independent private keys belonging to different public keys (not a transaction signed using multiple private keys that belong to the same public key /address). I am trying to implement an app that requires multiple parties to sign a transaction offline before sending it to the Blockchain. I am using Hyperledger Besu.
    Trent Mohay
    @rain-on
    @juharahmed Unless I'm much mistaken, an Ethereum Transaction can only be signed by a single private key - i.e. the unsigned transction contains a "from" field which contains a single address, and the derived RawTransaction contains only a single signature (not a multi-sig).
    juharahmed
    @juharahmed
    @rain-on Thank you . Yes i think you are right. I was also thinking the same. But i asked this question to Hyperledger Besu guys first. They said yes and they referred me to here for more details. May be they thought i was asking multisignature address transaction. Anyways, do you know any other Blockchain platform that supports what i looking for?
    Trent Mohay
    @rain-on
    @juharahmed I suspect the Besu response meant - "Ethsigner can manage multiple keys (but only use one per transaction, based on the "from" field) - unfortunately I don't know of a multi-sig blockchain platform - but suspect you could implement something like this in a smart-contract (unfortunately, that is where my expertise comes to an end).
    Zain
    @sprect8
    Hi everyone, I added an article for integration Ethsigner, Infura and Hashicorp Vault for those interested and having troubles with it. https://medium.com/@corgi.desu/a-study-on-blockchain-key-management-systems-part-2-hashicorp-vault-ec11013cd765
    Trent Mohay
    @rain-on
    Hey @sprect8, 2 things:
    1. Loving your work :)
    2. Sorry for not getting onto your PR - its on the radar, but we're a bit swamped :(
    Zain
    @sprect8

    @rain-on just glad I can contribute to the great work you're doing and to help the community a bit; sometimes starting out can be daunting

    no worries on the PR, take your time. better to do things right than to rush it

    Diego López León
    @diega
    Hello there, is there any plan to support EIP-712 eth_signTypedData? Do you think there is room for collaboration there? (or maybe the plain to begin eth_sign)
    Arash
    @arash009
    Hi @diega . Yes we are currently in the process of defining some additional functionality around ethsigner and signing in general. Whats the specific context you re looking to support? Just the eth_sign and eth_signTypedData?
    Diego López León
    @diega
    @arash009 it's just eth_signTypedData indeed. We're defining a process for EIP-1812 (Verifiable Claims) that heavily relies on an EIP-172 implementation, for a private network (LACChain). Last night a gave it a try at diega/ethsigner@7986cbe. I didn't want to make any refactor like renaming the TransactionSignerProvider to something more general, but most of the functionality I think it's there. It's just for eth_sign but it's a beginning. It needs a lot of testing though
    Diego López León
    @diega
    @arash009 do you think my changes are well oriented? does it worth I continue that work so I can make a pull request?
    Arash
    @arash009
    Let us have a look and we'll let you know shortly.
    Trent Mohay
    @rain-on
    @diega Just had a flick through your branch, and am impressed at how little you had to touch to make it work. I think you're right, there's some testing required to back it up, but otherwise the change looks simple enough to be put up as a PR (if you're happy to have this in the core code base).
    Only comment from my initial read is that we use "final" everywhere, variables, function parameters - so I'd recommend adding where possible (otherwise I suspect it'll be the one of the first comments!). Lovely work :thumbsup:
    Diego López León
    @diega
    Excellent! I'll add testing and such and send a PR then. Thanks for your feedback!
    Trent Mohay
    @rain-on
    @diega @sprect8 We'll wait for your PRs to come in, but it's worth saying/warning that Ethsigner is probably going to be split into two more explicit halves:
    1. Http Handling and Ethereum-oriented functions
    2. Keyloading and management
      The goal of this, is to allow the signing engine to be reused more effectively in other applications (and TransactionSigner will probably be changed to Signer, or something similarly generic)
      These changes won't be ready until after your PRs have gone through, so should not affect what you're currently doing.
    Diego López León
    @diega

    @rain-on no worries, thanks for the advice. I just sent PegaSysEng/ethsigner#263 but there is a failure running the acceptance tests that seems unrelated to what I made 

    GPG error: https://cli-assets.heroku.com/apt ./ InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 5DC22404A6F9F1CA

    let me know if I miss something for this or you'll like some changes to the code

    Diego López León
    @diega
    I tried rebuilding the pipeline many times with push force but it fails everytime the acceptance tests at the "Install Packages - Java 11" step. Aren't you experiencing the same in some other CI environment?
    here is the output of the failure if you want to take a look https://app.circleci.com/pipelines/github/PegaSysEng/ethsigner/598/workflows/0b2c82c0-dda6-45a7-a64b-c70c4d779324/jobs/1972/parallel-runs/0/steps/0-104
    Lucas Saldanha
    @lucassaldanha
    Hi @diega This doesn’t seem to be related to your changes. I’ll follow up with the team and get back to you!
    Diego López León
    @diega
    Thanks @lucassaldanha! maybe a quick check can be running the pipeline for master directly in CircleCI, it should fail the same way. I'll rebase the PR if anything new goes into master
    Lucas Saldanha
    @lucassaldanha
    We have experienced this similar issue in other projects. So I believe we need the same fix here :)
    Diego López León
    @diega
    oh, cool, I'll keep tuned :)
    Lucas Saldanha
    @lucassaldanha
    I have put up a fix on PegaSysEng/ethsigner#265
    Once we merge it, all you need to do is rebase your PR and it should be good to go :+1:
    (assuming my fix works…) :)
    Diego López León
    @diega
    Excellent, I just rebased and everything passes :) I also fixed some missing finals from a review
    Diego López León
    @diega
    Thank you for merging my PR! I'll move forward to implement eth_signTypedData