Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FEAT] Add a protection layer to MTE wallet pk storage to mitigate risks #9

Open
Dom-Mac opened this issue Oct 26, 2022 · 0 comments
Open

[FEAT] Add a protection layer to MTE wallet pk storage to mitigate risks #9

Dom-Mac opened this issue Oct 26, 2022 · 0 comments
Labels
1-3k 🍰

Comments

@Dom-Mac
Copy link
Collaborator

Dom-Mac commented Oct 26, 2022
edited
Loading

Add a protection layer to MTE wallet pk storage

Description

MTE wallet is an empty wallet used to propose transactions on a Safe as a delagate.
An additional layer of protection for private key management is needed to mitigate the risk of spamming multisigs with unwanted transactions.

Proposed Solution

@jigglyjams
OZ has a suite of products called Defender and one of the sub products is called Relay. This gives you a managed wallet where the keys are managed by some AWS key managment service (I think AWS KMS). You can easily revoke and API key if it get compromised and not have the private key compromised
https://docs.openzeppelin.com/defender/relay

Source

merge-to-earn/utils/initContracts.ts

Line 27 in 91e85cf

export const mteWallet = new ethers.Wallet(String(process.env.PK))

@jjranalli jjranalli changed the title Add a protection layer to MTE wallet pk storage to mitigate the risk of spam transactions [FEAT] Add a protection layer to MTE wallet pk storage to mitigate the risk of spam transactions Oct 30, 2022
@jjranalli jjranalli changed the title [FEAT] Add a protection layer to MTE wallet pk storage to mitigate the risk of spam transactions [FEAT] Add a protection layer to MTE wallet pk storage to mitigate risks Oct 30, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
1-3k 🍰
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Dom-Mac