Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

An example how to manage local private key using env #2380

Merged
merged 3 commits into from
Mar 9, 2022
Merged

An example how to manage local private key using env #2380

Changes from 2 commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
f4d71ae
An example how to manage local private key using env
miohtama Mar 5, 2022
83c4183
Fix extra period
miohtama Mar 5, 2022
22db7bb
add content tweaks and newsfragment
wolovim Mar 9, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
52 changes: 52 additions & 0 deletions docs/web3.eth.account.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,58 @@ Using private keys usually involves ``w3.eth.account`` in one way or another. Re
or see a full list of things you can do in the docs for
:class:`eth_account.Account <eth_account.account.Account>`.

Read a private key from an environment variable
------------------------------------------------

In this example we pass the private key to our Python application in an
`environment variable <https://en.wikipedia.org/wiki/Environment_variable>`_.
This private key is then added to the transaction signing keychain
with Signing middleware.

You can also `export your private keys from Metamask and other wallets <https://metamask.zendesk.com/hc/en-us/articles/360015289632-How-to-Export-an-Account-Private-Key>`_.

.. warning ::

Never share your private key. Never put your private keys in Python source code.
Never commit private keys to a Git repository. Always keep private keys separate from your source code.

Example `account_test_script.py`

.. code-block:: python

import os
from eth_account import Account
from eth_account.signers.local import LocalAccount
from web3.auto import w3
from web3.middleware import construct_sign_and_send_raw_middleware

private_key = os.environ.get("PRIVATE_KEY")
assert private_key is None, "You must set PRIVATE_KEY environment variable"
assert private_key.startswith("0x"), "Private key must start with 0x hex prefix"

account: LocalAccount = Account.from_key(private_key)
w3.middleware_onion.add(construct_sign_and_send_raw_middleware(account))

print(f"Your hot wallet address is {account.address}")

Example how to run this in UNIX shell:

.. code-block:: shell

# Generate a new 256-bit random integer using openssl UNIX command that acts as a private key.
# You can as well do:
# python -c "from web3 import Web3; w3 = Web3(); acc = w3.eth.account.create(); print(f'private key={w3.toHex(acc.privateKey)}, account={acc.address}')"
# Store this in a safe place, like in your password manager.
export PRIVATE_KEY=0x`openssl rand -hex 32`

# Run our script
python account_test_script.py

This will print::

Your hot wallet account is 0x27C8F899bb69E1501BBB96d09d7477a2a7518918


.. _extract_geth_pk:

Extract private key from geth keyfile
Expand Down