An RPC signer proxy server that listens for the eth_signTransaction requests and performs transaction signing using the YubiHSM2 hardware or AWS KMS signer.
Global help command.
cargo r -r -- helpNote
You can connect to YubiHSM2 using two methods: usb or http via -m, --mode option.
-a, --auth-key <auth-key-id> YubiHSM auth key ID [env: YUBIHSM_AUTH_KEY_ID=]
-d, --device-serial <device-serial-id> YubiHSM device serial ID (for USB mode) [env: YUBIHSM_DEVICE_SERIAL_ID=]
--addr <http-address> YubiHSM HTTP address (for HTTP mode) [env: YUBIHSM_HTTP_ADDRESS=]
--port <http-port> YubiHSM HTTP port (for HTTP mode) [env: YUBIHSM_HTTP_PORT=]
-m, --mode <mode> Connection mode (usb or http) [default: usb] [possible values: usb, http]
-p, --pass <password> YubiHSM auth key password [env: YUBIHSM_PASSWORD]Generates a valid secp256k1 key for signing eth transactions with capability SIGN_ECDSA and EXPORTABLE_UNDER_WRAP (if flag -e, --exportable). See docs about Capability here.
cargo r -r -- -d <device-serial-id> -a <auth-key-id> -p <password> generate-key -l <label> -ecargo r -r -- generate-key -h-e, --exportable The key will be exportable or not
-l, --label <label> Key label [default: ]Starts a proxy server and listens for eth_signTransaction requests.
cargo r -r -- -d <device-serial-id> -a <auth-key-id> -p <password> serveNo additional options and flags for serve subcommand.
curl -X POST -H "Content-Type: application/json" -d '{
"id": 1,
"jsonrpc": "2.0",
"method": "eth_signTransaction",
"params": [
{
"chainId": 11155420,
"data": "0x",
"from": "0x",
"gas": "0x7b0c",
"gasPrice": "0x1250b1",
"nonce": "0x0",
"to": "0x",
"value": "0x2386f26fc10000"
}
]
}' http://localhost:3000/key/{id}