-
Notifications
You must be signed in to change notification settings - Fork 928
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Encrypt deployer PK on .env file (when using hardhat) (#1008)
- Loading branch information
Showing
10 changed files
with
253 additions
and
25 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,72 @@ | ||
import { ethers } from "ethers"; | ||
import { parse, stringify } from "envfile"; | ||
import * as fs from "fs"; | ||
import password from "@inquirer/password"; | ||
|
||
const envFilePath = "./.env"; | ||
|
||
const getValidatedPassword = async () => { | ||
while (true) { | ||
const pass = await password({ message: "Enter a password to encrypt your private key:" }); | ||
const confirmation = await password({ message: "Confirm password:" }); | ||
|
||
if (pass === confirmation) { | ||
return pass; | ||
} | ||
console.log("❌ Passwords don't match. Please try again."); | ||
} | ||
}; | ||
|
||
const getWalletFromPrivateKey = async () => { | ||
while (true) { | ||
const privateKey = await password({ message: "Paste your private key:" }); | ||
try { | ||
const wallet = new ethers.Wallet(privateKey); | ||
return wallet; | ||
// eslint-disable-next-line @typescript-eslint/no-unused-vars | ||
} catch (e) { | ||
console.log("❌ Invalid private key format. Please try again."); | ||
} | ||
} | ||
}; | ||
|
||
const setNewEnvConfig = async (existingEnvConfig = {}) => { | ||
console.log("👛 Importing Wallet\n"); | ||
|
||
const wallet = await getWalletFromPrivateKey(); | ||
|
||
const pass = await getValidatedPassword(); | ||
const encryptedJson = await wallet.encrypt(pass); | ||
|
||
const newEnvConfig = { | ||
...existingEnvConfig, | ||
DEPLOYER_PRIVATE_KEY_ENCRYPTED: encryptedJson, | ||
}; | ||
|
||
// Store in .env | ||
fs.writeFileSync(envFilePath, stringify(newEnvConfig)); | ||
console.log("\n📄 Encrypted Private Key saved to packages/hardhat/.env file"); | ||
console.log("🪄 Imported wallet address:", wallet.address, "\n"); | ||
console.log("⚠️ Make sure to remember your password! You'll need it to decrypt the private key."); | ||
}; | ||
|
||
async function main() { | ||
if (!fs.existsSync(envFilePath)) { | ||
// No .env file yet. | ||
await setNewEnvConfig(); | ||
return; | ||
} | ||
|
||
const existingEnvConfig = parse(fs.readFileSync(envFilePath).toString()); | ||
if (existingEnvConfig.DEPLOYER_PRIVATE_KEY_ENCRYPTED) { | ||
console.log("⚠️ You already have a deployer account. Check the packages/hardhat/.env file"); | ||
return; | ||
} | ||
|
||
await setNewEnvConfig(existingEnvConfig); | ||
} | ||
|
||
main().catch(error => { | ||
console.error(error); | ||
process.exitCode = 1; | ||
}); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,58 @@ | ||
import * as dotenv from "dotenv"; | ||
dotenv.config(); | ||
import { Wallet } from "ethers"; | ||
import password from "@inquirer/password"; | ||
import { spawn } from "child_process"; | ||
import { config } from "hardhat"; | ||
|
||
/** | ||
* Unencrypts the private key and runs the hardhat deploy command | ||
*/ | ||
async function main() { | ||
const networkIndex = process.argv.indexOf("--network"); | ||
const networkName = networkIndex !== -1 ? process.argv[networkIndex + 1] : config.defaultNetwork; | ||
|
||
if (networkName === "localhost" || networkName === "hardhat") { | ||
// Deploy command on the localhost network | ||
const hardhat = spawn("hardhat", ["deploy", ...process.argv.slice(2)], { | ||
stdio: "inherit", | ||
env: process.env, | ||
shell: process.platform === "win32", | ||
}); | ||
|
||
hardhat.on("exit", code => { | ||
process.exit(code || 0); | ||
}); | ||
return; | ||
} | ||
|
||
const encryptedKey = process.env.DEPLOYER_PRIVATE_KEY_ENCRYPTED; | ||
|
||
if (!encryptedKey) { | ||
console.log("🚫️ You don't have a deployer account. Run `yarn generate` or `yarn account:import` first"); | ||
return; | ||
} | ||
|
||
const pass = await password({ message: "Enter password to decrypt private key:" }); | ||
|
||
try { | ||
const wallet = await Wallet.fromEncryptedJson(encryptedKey, pass); | ||
process.env.__RUNTIME_DEPLOYER_PRIVATE_KEY = wallet.privateKey; | ||
|
||
const hardhat = spawn("hardhat", ["deploy", ...process.argv.slice(2)], { | ||
stdio: "inherit", | ||
env: process.env, | ||
shell: process.platform === "win32", | ||
}); | ||
|
||
hardhat.on("exit", code => { | ||
process.exit(code || 0); | ||
}); | ||
// eslint-disable-next-line @typescript-eslint/no-unused-vars | ||
} catch (e) { | ||
console.error("Failed to decrypt private key. Wrong password?"); | ||
process.exit(1); | ||
} | ||
} | ||
|
||
main().catch(console.error); |
Oops, something went wrong.