Protecting Your Ethereum Private Key With EthSigner
DISCLAIMER: As of September 2019, the Ethereum client formerly known as Pantheon was submitted to the Hyperledger Project of the Linux foundation, and is now known as Hyperledger Besu. In October 2020 PegaSys was renamed to Quorum.
The latest EthSigner now allows you to secure your identity separately from your dApp and Ethereum Client, adding an additional layer of security to operating in Ethereum. EthSigner is able to sign transactions using a Key secured in a variety of cloud providers, or even just encrypted on your local disk.
EthSigner is a great way to secure your identity and all of your Digital assets. PegaSys Blockchain Protocol Engineer, Trent Mohay, explains how it works, and why that’s all so important.
Securing your Digital Assets
Your identity in Ethereum, your Ethereum account, is defined by your Ethereum Private Key – 32 bytes of random data. Your Ethereum (Private) Key represents who you are, and is used to control access to your assets in the Ethereum network such as Ether or smart contracts. Needless to say, ensuring that your Ethereum Key is secure is absolutely critical.
Specifically, the access control mentioned above is provided through the use of cryptographic signatures – a unique, unforge-able tag which proves a given piece of data was produced by a given Private Key (or person).
Every transaction submitted to the Ethereum network contains a signature, which was created using that user’s Ethereum Key. This signature proves the user’s intent to execute the given operation. Thus, everytime you transfer Ether or invoke a contract, your Ethereum Key is used to sign the transaction – and acts as your endorsement of the action.
If your Ethereum Key is released to external parties (i.e. compromised), said parties have full control over your Ethereum Interests and are able to impersonate you in all future dealings. For example, someone/anyone with access to your Ethereum Key is able to:
- Transfer your Ether to another account,
- Invoke contracts on your behalf:
- Lock up your tokens by self-destructing your multisig
- Liquidate your Maker CDPs
- Cast votes
- Control your CryptoKitty breeding program
With that being said, controlling access to your Ethereum Key is critical to protecting your assets stored on the Blockchain.
Signing Transactions on the Ethereum Network
Given the creation of a signature requires your Ethereum Key – the question really becomes “Where is my key going to be accessed from to allow for signing to occur?”.
Transactions can be signed in one of three places:
- Inside your Ethereum client: Geth and Parity both contain “wallets” which can be used to control/protect your Ethereum Key – thus they become the “container” of your key.
- Your key can either live in the file-system, or in a HSM
- Inside the dApp
- Entirely dependent upon how the dApp was created, what it supports etc.
- Inside a “middle-man” wallet application.
- Controls access to keys & signs transactions as required, but separates them from the “Ethereum” world.
External Wallet Applications
By using an External Wallet App, users can separate key storage/management from business logic. This separation is core to ensuring your keys are maintained securely.
PegaSys has recently released its EthSigner Wallet application which acts as a passthrough service, sitting on the network link between the DApp and an Ethereum client’s JSON RPC interface. EthSigner is responsible for forwarding most requests to the client, unchanged (the JSON RPC contains many “administrative” requests above and beyond transactions). However, upon receipt of a Transaction, EthSigner will generate a signature using the stored Ethereum Key, then forward the Transaction and Signature to the Ethereum Client for inclusion to the blockchain.
Ethsigner is able to sign transactions with keys stored in:
- A V3 keystore file
- Hashicorp Vault
- Azure KeyVault
Binary Releases: https://bintray.com/consensys/pegasys-repo/ethsigner
Want the latest PegaSys updates straight to your inbox? Join our mailing list.