Never use a .env file again!

A better and safer way to store your private keys is in Foundry.

Run this in your terminal (not your code editor, it may have bugs!):

cast wallet import myKey --interactive        

The key name can be whatever you want it to be (replace myKey as desired).

The interactive flag will prompt you for the private key and your password, as shown:

Enter private key:        
Enter password:         

Once complete, you will get a response like this:

myKey keystore was saved successfully. Address: 0xf39fd6e51aad88f6f4ce6ab8827279cfffb92266        


All you now need to remember is your password (use something unique, not your regular password used in other places, since a leak on one site can cost you this too).


When you run

cast wallet list         

on the terminal, you will get a list of all your keys. In my case there is only one:

myKey (Local)        

To use the private key to deploy, follow this:

forge script script/DeployMyContract.s.sol:DeployMyContract --rpc-url http://localhost:8545 --account myKey --sender 0xf39fd6e51aad88f6f4ce6ab8827279cfffb92266 --broadcast

You will then be asked for the keystore password for it to access the stored key.

To see all your keys, run these one by one:

cd        
cd .foundry/keystores        
ls        

It will return the keys you stored earlier:

myKey        

To see the content of the key:

cat myKey        

And you'll get this encrypted version of your private key that follows the ERC-2335: BLS12-381 Keystore format:

{"crypto":{"cipher":"aes-128-ctr","cipherparams":{"iv":"5f9b4bfb170595389fb949f2f49bb612"},"ciphertext":"de6a21cc9602227817d8c7288c3e3ed7226ff058f7ac6181abf5411577ea4ed6","kdf":"scrypt","kdfparams":{"dklen":32,"n":8192,"p":1,"r":8,"salt":"0138eac2292ea1a746de88439101057e787c9b2a6cf5bf4f5af933661ded08d0"},"mac":"993e7aadde4ea1ff9b489fe548082878322585296c8cada4a75db8fe4128aaa0"},"id":"cbdcfe6c-2ac4-4c46-a9f3-58e1b1758f75","version":3}        

When you run history, you will get all the recent commands including your unencrypted private key. Anyone with access to your terminal can steal your private key even after you have encrypted it.

On the terminal, run:

history -c        

This will clear all history.

Remember to also clear the bash history:

cd        
rm .bash_history        
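
If you would rather keep the rest of your history, the added example below (not from the original article) finds and removes only the history lines that contain a value shaped like a raw private key. The function names and the 64-hex-digit heuristic are assumptions of this example, and the sample history in `demo` is constructed.

```shell
#!/usr/bin/env bash
# Added example. Heuristic: a raw private key is 32 bytes, i.e. 64 hex digits
# with an optional 0x prefix. Transaction hashes have the same shape, so
# review the reported lines before scrubbing.
KEY_RE='(^|[^0-9a-fA-F])(0x)?[0-9a-fA-F]{64}([^0-9a-fA-F]|$)'

# Print only the line numbers of key-like entries, never the entries themselves.
find_key_like_lines() {
    local file="$1"
    [ -r "$file" ] || return 2
    grep -nE "$KEY_RE" "$file" | cut -d: -f1
}

# Rewrite the file without the key-like lines, keeping the rest of the history.
# Echoes the number of lines removed.
scrub_key_like_lines() {
    local file="$1" tmp before after
    [ -w "$file" ] || return 2
    tmp="$(mktemp "${file}.XXXXXX")" || return 1   # mktemp creates it mode 600
    # grep exits 1 when every line was key-like; only a real error (2) fails.
    grep -vE "$KEY_RE" "$file" > "$tmp" || [ $? -eq 1 ]
    before=$(wc -l < "$file")
    after=$(wc -l < "$tmp")
    mv "$tmp" "$file"
    echo $((before - after))
}

# Demo on a constructed history file (64 "a" digits stand in for a key).
demo() {
    local f key
    f="$(mktemp)"
    key="$(printf '%064d' 0 | tr 0 a)"
    printf '%s\n' 'cast wallet list' "export PRIVATE_KEY=0x$key" 'ls' > "$f"
    echo "key-like lines: $(find_key_like_lines "$f" | tr '\n' ' ')"
    echo "removed: $(scrub_key_like_lines "$f")"
    rm -f "$f"
}

if [ "${1:-}" = "--demo" ]; then demo; fi
```

Run it against `~/.bash_history` from a fresh shell. Shells that are already open keep their own in-memory history and write it back on exit, so `history -c` is still needed in each of them.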

You are now safer than 95% of developers around the world!

It's fun, isn't it? Let's thank @rplusq for this awesome security improvement.

