You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
At the moment signing transactions requires the secret key to be supplied as a command line argument. This is fine for development, which is the initial use case for this tool. However, for use against live value bearing chains this is unsafe since the secrets will be visible and stored in the shells history.
One option is allow using encrypted file (possibly as the format which polkadot.js uses) with private key.
Another avenue is to explore integration with external signers: ledgers/parity signer/browser extensions etc.
The text was updated successfully, but these errors were encountered:
Extracted from #432
At the moment signing transactions requires the secret key to be supplied as a command line argument. This is fine for development, which is the initial use case for this tool. However, for use against live value bearing chains this is unsafe since the secrets will be visible and stored in the shells history.
One option is allow using encrypted file (possibly as the format which polkadot.js uses) with private key.
Another avenue is to explore integration with external signers: ledgers/parity signer/browser extensions etc.
The text was updated successfully, but these errors were encountered: