Skip to content

aliarbak/go-ethereum-aws-kms-wallet-provider

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
example
example
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
provider.go
provider.go
 
 
provider_test.go
provider_test.go
 
 
readme.md
readme.md
 
 

Repository files navigation

AWS KMS Ethereum Wallet Provider for Go

Go Reference Goreport License

The kmswallet is a Go package that enables the creation of Ethereum wallets using the AWS Key Management Service (KMS). It allows you to create wallets(keys on KMS) and sign transactions or messages with them.

The transaction signing implementations in this package are derived from the go-ethereum-aws-kms-tx-signer, which is licensed under the MIT License.

Table of Contents

Installation

You can install it using the following command:

go get github.com/aliarbak/go-ethereum-aws-kms-wallet-provider

Once installed, you can import the package in your Go code:

import "github.com/aliarbak/go-ethereum-aws-kms-wallet-provider"

To create a provider, call the kmswallet.NewProvider(client *kms.Client, cacheExpiration *time.Duration) Provider function. It requires the following parameters:

  • client: A reference to the kms.Client for AWS KMS.
  • cacheExpiration: The cache expiration duration for public keys to avoid fetching them from KMS every time. If nil is provided, the default duration of 1 year will be used.

To create a kms.Client and a wallet provider:

config := aws.Config{
    Region:      "eu-central-1",
    Credentials: credentials.NewStaticCredentialsProvider("AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY", ""),
}

kmsClient := kms.NewFromConfig(config) // or you can use kms.New(...)
walletProvider := kmswallet.NewProvider(kmsClient, nil) // with default cache duration

Functionality and Usage

The kmswallet package provides the following functions:

CreateWallet

func CreateWallet(ctx context.Context, input CreateWalletInput) (wallet KMSWallet, err error)

The CreateWallet function is used to create a new wallet with the specified input parameters. The CreateWalletInput struct is defined as follows:

type CreateWalletInput struct {
	Alias                           *string
	IgnoreDefaultWalletAddressAlias bool
	AddWalletAddressTag             bool
	BypassPolicyLockoutSafetyCheck  bool
	CustomKeyStoreId                *string
	Description                     *string
	MultiRegion                     *bool
	Origin                          types.OriginType
	Policy                          *string
	Tags                            map[string]string
	XksKeyId                        *string
}
  • Alias: Specifies a custom alias for the key (e.g., userId).
  • IgnoreDefaultWalletAddressAlias: If the Alias value is nil, the generated wallet address is assigned as the alias. Set this value to true if you want to prevent this and add an alias to the key.
  • AddWalletAddressTag: If set to true, the generated wallet address is added as a tag (walletAddress) to the key.

GetWallet

func GetWallet(ctx context.Context, keyId string) (wallet KMSWallet, err error)

The GetWallet function retrieves a wallet by the specified keyId.

GetWalletTransactor

func GetWalletTransactor(ctx context.Context, keyId string, chainId *big.Int) (*bind.TransactOpts, error)

The GetWalletTransactor function returns a transaction signer (bind.TransactOpts) for the wallet associated with the given keyId and chainId.

GetWalletCaller

func GetWalletCaller(ctx context.Context, keyId string, chainId *big.Int) (*bind.CallOpts, error)

The GetWalletCaller function returns a contract caller (bind.CallOpts) for the wallet associated with the given keyId and chainId.

SignMessage

func SignMessage(ctx context.Context, keyId string, message []byte) ([]byte, error)

The SignMessage function signs the specified message using the wallet associated with the given keyId and returns the signature.

EnableWallet

func EnableWallet(ctx context.Context, keyId string) (*kms.EnableKeyOutput, error)

The EnableWallet function enables the wallet associated with the given keyId.

DisableWallet

func DisableWallet(ctx context.Context, keyId string) (*kms.DisableKeyOutput, error)

The DisableWallet function disables the wallet associated with the given keyId.

Additional Functions

The package also provides several utility functions to work with aliases:

  • GetWalletByAlias: Retrieves a wallet by the specified alias.
  • GetWalletTransactorByAlias: Returns a transaction signer for the wallet associated with the given alias and chainId.
  • GetWalletCallerByAlias: Returns a contract caller for the wallet associated with the given alias and chainId.
  • SignMessageByAlias: Signs the specified message using the wallet associated with the given alias and returns the signature.
  • EnableWalletByAlias: Enables the wallet associated with the given alias.
  • DisableWalletByAlias: Disables the wallet associated with the given alias.
  • GetKeyIdByAlias: Retrieves the keyId associated with the given alias.

Example Usage

You can access detailed usage example from this link.

About

AWS KMS Ethereum Wallet Provider Package for Go

Topics

go aws aws-kms ethereum

Resources

Readme

License

MIT license
Activity

Stars

4 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

2 tags

Packages

No packages published

Languages