Open anvabr opened 3 months ago
I would like to extend a bit the issue opened here by Andrey. We have a particular business case that could ease a lot the guardian implementation with Fireblocks signing service and facilitate the use of guardian based software by non tech users. We (Allcot) would like to use fireblocks as an external signing service between Straatos and MGS.
Business needs:
First option (Guardian does everything with our admin keys)
Allcot configures a system account, the same way we configure IPFS, MongDB, etc. via .env file (or WebUI/or manual configuration in case of MGS)
This is in case Guardian uses real FB for test:
Second option
Co created by Giuseppe and me
Problem description
Current support for Fireblocks in Guardian is limited to signing messages going into Hedera topics (see docs). This is too restrictive, many use-cases require keys used in other (if possible all) operations to be custodied in Fireblocks.
Requirements
Expand the set of Guardian operations in which Fireblocks API is used for signing transactions (using raw signing) remotely. See this repo for examples on how to implement this.
Definition of done
Acceptance criteria
To the extent possible, Guardian keys are in custody of Fireblocks with transactions signed remotely.