Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

allow passing private key and bypassing web ui for graph publish #1673

Open
saihaj opened this issue May 27, 2024 · 4 comments
Open

allow passing private key and bypassing web ui for graph publish #1673

saihaj opened this issue May 27, 2024 · 4 comments
Labels
area/cli enhancement New feature or request
Milestone
Decouple Graph CL...

Comments

@saihaj
Copy link
Member

saihaj commented May 27, 2024

In #1670 introduce a new command that allows publishing to the network. It links user to go to the cli.thegraph.com (located here) and the user adds metadata and finishes signing in their wallet.

@schmidsi suggested that we should allow user filling out all this metadata via the CLI and then let them provide a local private key which will be used to sign the transaction.
@saihaj saihaj added enhancement New feature or request area/cli labels May 27, 2024
@schmidsi
Copy link
Member

Maybe using this: https://github.com/smartcontractkit/env-enc

@alexandre-abrioux alexandre-abrioux mentioned this issue May 27, 2024
Open
3 tasks
@mitchhs12
Copy link
Contributor

I think that this should definitely be added. There are many developers that I think would strongly benefit by being able to automate publishing of their deployments.

@azf20 azf20 added this to Tooling May 28, 2024
@azf20 azf20 moved this to 🔖 Next in Tooling May 28, 2024
@schmidsi
Copy link
Member

@saihaj any update on this?

@alex-pakalniskis
Copy link
Collaborator

Copy-pasted from Slack. Thanks @DenisCarriere and @schmidsi for the suggestions.

Regarding this issue, I don't think we should be allowing developers to be copy-pasting their private key directly in a CLI

Usually when doing a demo, it's not wise to be showcasing your private key and if the CLI has this as a requirement, it will always be difficult to run a demo to publish a Subgraph directly via CLI, also when doing bash commands, the last commands are usually retained in history by zsh, this would force devs to expose their private key on every publish command.

Solution: Have the CLI have it's own password encrypted private key management, there's a lot of examples on how to implement this

Copying over some CLI methods that StreamingFast built a long time ago (eosc) which was very effective as private key management CLI solution:

Usage:
  graph vault [command]

Available Commands:
  add         Add private keys to an existing vault taking input from the shell
  create      Create a new encrypted EVM keys vault
  export      Export private keys (and corresponding public keys) inside an graph vault.
  list        List public keys inside an graph vault.
  serve       Serves signing queries on a local port.

on that same topic, Simon mentioned a good alternative to this by using env-enc: https://github.com/smartcontractkit/env-enc
That would also achieve the same goal and be easier to implement

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/cli enhancement New feature or request
Projects
Tooling
Status: 🔖 Next
Milestone
Decouple Graph CLI from Subgraph Studio
Development

No branches or pull requests
4 participants
@schmidsi @alex-pakalniskis @saihaj @mitchhs12