KMS Signing support for relayer txs #577
Comments
|
It should certainly be doable via a YubiHSM2. How are you foreseeing an IBC relayer interacting with TMKMS? Would you like for TMKMS to expose a gRPC service? |
|
My mental model is similar to the oracle architecture maybe. |
|
Yeh I think a gRPC makes sense, is that what the oracle uses ? I guess there would also be the option for the rust relayer of running in process but that seems special case. Any thoughts here @ancazamfir |
|
@ebuchman the current transaction signer uses a JSON/HTTP webhook (which makes outgoing requests). At the time we implemented it we needed Amino support, so it was easier to get started with Amino JSON. However, now we have |
|
Is this still relevant or can we close this? @ebuchman Not too familiar with IBC status on this. Thanks |
|
There's no support for TMKMS in Hermes at the moment, so we can maybe keep this issue open to discuss relayer integration with TMKMS? |
|
Would be good to discuss this after we have initial gRPC support |
|
I think the original issue may still stand but it prob doesn't need to be in this repo. @charleenfei @jackzampolin do you know if relayer txs can be signed by hardware yet ? should we move this issue somewhere to track it? I believe all relayers are currently just using text file private keys and that might be fine for now but as relayer balances increase this may become higher priority - cc @adizere @greg-szabo |
|
AFAIK This issue is no longer relevant, we'll close, please reopen if incorrect. |
As discussed in this Stargate issue and elsewhere, IBC messages in Stargate cannot be signed yet by Ledgers.
We should add hardware support for IBC message signing through the TMKMS. @zmanian @tony-iqlusion are there issues for this?
The text was updated successfully, but these errors were encountered: