kayagokalp
commented
1 week ago The rough design is the following:
- Check cli options to see if the user wants to use a local signer or a KMS one (at this stage if the user provided an arn the signer is a aws kms right away)
2-a. If it is local one, we will guide them through all the same workflow
3-a. If it is aws KMS one, we will use the AWS KMS arn, and basically use the upcoming
AwsKmsSignerwhich implementsSignerfrom rust-sdk, instead ofWalletUnlockedwhich we use by default right now in forc-client
blocked by #6559
We need to implement a KMS signer for forc-client, specifically we can start with AWS KMS solution. This will allow us sign transactions using through KMS rather than local keys for more "shared" and "secure" deployment workflows.