Sign transaction with external providers

[lethaale]

Hello!

First of all, big thank you for this gem.

All the examples in Wiki use a locally stored private key, for example in Rails credentials. There is a safer way to do this, for example using a "Key as a service" provider like Turnkey. This delegates the responsibility of storing the private key and just exposes an API to sign a transaction. Example https://docs.turnkey.com/api#tag/Signing/operation/SignTransaction.

The approach I'm using is

• sign transaction with turnkey
• call Eth::Client.new().eth_send_raw_transaction

Questions

• is this the correct way to do it?
• is it interesting to add to documentation? Happy to do a PR

[q9f]

• sign transaction with turnkey

• call Eth::Client.new().eth_send_raw_transaction

This is the correct way to do it and also much safer as you already said. The Eth::Key integration is rather for convenience. In production, I hope, projects have a way to handle keys more securely.

I'm open for updates to the documentation! :_)

[lethaale]

Thanks for your quick reply @q9f

Personally I would add an alert on the tx.sign method to avoid using with a hardcoded private key, directly in the code, what do you think? I'm sure that loads of people who just start on this topic don't really know it's not safe / alternatives.

About signing a tx with an external provider, happy to help to draft something for the wiki. Are you happy with mentioning a specific vendor(s)?