Step-by-step tutorial to sign Ethereum transactions using Azure Key Vault, web3.py and Python 3
JavaScript version: https://github.com/tmarkovski/ethereumjs-tx-keyvault/
Python 3 and requirements:
pip install -r requirements.txt
Some crypto-related Python libraries require additional system dependencies.
Ubuntu:
sudo apt-get install build-essential automake libtool pkg-config libffi-dev python-dev python-pip libsecp256k1-dev
MacOS:
brew install openssl libtool pkg-config automake
export LDFLAGS="-L$(brew --prefix openssl)/lib" CFLAGS="-I$(brew --prefix openssl)/include"
Log in to the Azure Portal ( https://portal.azure.com/ )
- Go to Key Vaults
- Create a new Key Vault
- Set up the access policies of your Key Vault for the Service Principal
- Go to your Key Vault
- Create a new key and select the SECP256k1 option
- Done
Copy the contents of config.py.sample to a new file named config.py and fill it with your secrets
Your service principal credentials:
- CLIENT_ID is a UUID
- PASSWORD is the password
The Vault details:
- TENANT_ID is the directory ID, available in the keyvault overview
- VAULT_URL is the Vault link, available in the keyvault overview as DNS Name
The Key details:
- KEY_NAME is the key name
- KEY_VERSION is the key version
Run a ganache-cli instance
ganache-cli
Make sure that the address has enough balance.
You might need to change the nonce manually (in example.py) or replace it with getTransactionCount ( https://web3py.readthedocs.io/en/stable/web3.eth.html#web3.eth.Eth.getTransactionCount )
python3 example.py