Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Signing: safer alternative for value bearing chains #674

Open
ascjones opened this issue Aug 4, 2022 · 0 comments · May be fixed by #1602
Open

Signing: safer alternative for value bearing chains #674

ascjones opened this issue Aug 4, 2022 · 0 comments · May be fixed by #1602
Labels
enhancement New feature or request

Comments

@ascjones
Copy link
Collaborator

ascjones commented Aug 4, 2022
edited
Loading

Extracted from #432

At the moment signing transactions requires the secret key to be supplied as a command line argument. This is fine for development, which is the initial use case for this tool. However, for use against live value bearing chains this is unsafe since the secrets will be visible and stored in the shells history.

One option is allow using encrypted file (possibly as the format which polkadot.js uses) with private key.

Another avenue is to explore integration with external signers: ledgers/parity signer/browser extensions etc.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
2 participants
@ascjones @cmichi