Open 852Kerfunkle opened 1 year ago
Had a look and it's not quite clear how the signature is supposed to be included in the sign request.
If anyone has a hint, I'd be happy to make a PR
Here's a hint: https://github.com/midl-dev/tezos-serverless-signer-apps/blob/main/consensus-kms-signer/signer/tezos-kms-client.mjs#L94-L99
040101
spsig...
) as an authentication
header in the signature request.Note that in order to support any kind of authorized key type (tz1, tz2...) 4. and 5. will likely require adding pytezos as a requirement to TRD. That's quite heavy. However, this is very much needed on my end.
@852Kerfunkle are you still around? Are you still happy to make a PR?
Would be nice if signers started with
--require-authentication
were supported.Presumably (but I haven't really looked at the details) one would need to add an auth private key (preferably referencing a file, so it can be generated service-side and only the pubkey exported) to the config and supply a signature along with requests to the signer.