Transaction Signer configuration

Goal

Tx-Signer is an Orchestrate worker responsible for:

  • Signing transactions;
  • Creating new Private Keys;
  • Crediting Private Keys at the moment of their creation using a faucet.

It consumes messages from tx-signer kafka topic and publishes to tx-sender topic.

Quick-Start

Configure application

The application can be configured through flags or environment variables, you can run the help run command line:

go run . help run
Usage:
  orchestrate tx-signer run [flags]

Flags:
      --faucet-credit-amount string         Amount to credit when calling Faucet (Wei in decimal format)
                                            Environment variable: "FAUCET_CREDIT_AMOUNT" (default "100000000000000000")
      --faucet-creditor-address strings     Addresses of Faucet on each chain (format <chainID>@<Address>)
                                            Environment variable: "FAUCET_CREDITOR_ADDRESS"
  -h, --help                                help for run
      --kafka-group string                  Address of Kafka server to connect to.
                                            Environment variable: "KAFKA_GROUP" (default "group-e2e")
      --kafka-tls-ca-cert-file string       CA cert file Path.
                                            Environment variable: "KAFKA_TLS_CA_CERT_FILE"
      --kafka-tls-client-cert-file string   Client Cert File Path.
                                            Environment variable: "KAFKA_TLS_CLIENT_CERT_FILE"
      --kafka-tls-client-key-file string    Client key file Path.
                                            Environment variable: "KAFKA_TLS_CLIENT_KEY_FILE"
      --kafka-tls-enabled                   Whether or not to use TLS when connecting to the broker (defaults to false).
                                            Environment variable: "KAFKA_TLS_ENABLED"
      --kafka-tls-insecure-skip-verify      Controls whether a client verifies the server's certificate chain and host name. If InsecureSkipVerify is true, TLS accepts any certificate presented by the server and any host name in that certificate. In this mode, TLS is susceptible to man-in-the-middle attacks. This should be used only for testing.
                                            Environment variable: "KAFKA_TLS_INSECURE_SKIP_VERIFY"
      --kafka-url strings                   URL (addresses) of Kafka server(s) to connect to.
                                            Environment variable: "KAFKA_URL" (default [localhost:9092])
      --secret-pkey strings                 Private keys to pre-register in key store. Warning - Do not use in production. 
                                            Environment variable: "SECRET_PKEY"
      --secret-store string                 Type of secret store for private keys (one of "in-memory" "hashicorp")
                                            Environment variable: "SECRET_STORE" (default "in-memory")
      --tessera-url stringToString          Tessera URLs (endpoints)
                                            Environment variable: "TESSERA_URL" (default [])
      --topic-tx-recover string             Kafka topic for envelopes waiting for their transaction recovered
                                            Environment variable: "TOPIC_TX_RECOVER" (default "topic-tx-recover")
      --topic-tx-sender string              Kafka topic for envelopes waiting for their transaction sent
                                            Environment variable: "TOPIC_TX_SENDER" (default "topic-tx-sender")
      --topic-tx-signer string              Kafka topic for envelopes waiting for their transaction signed
                                            Environment variable: "TOPIC_TX_SIGNER" (default "topic-tx-signer")
      --topic-wallet-generated string       Kafka topic for newly generated wallets
                                            Environment variable: "TOPIC_WALLET_GENERATED" (default "topic-wallet-generated")
      --topic-wallet-generator string       Kafka topic for generating new wallets
                                            Environment variable: "TOPIC_WALLET_GENERATOR" (default "topic-wallet-generator")
      --vault-burst-limit int               Hashicorp query burst limit
                                            Environment variable: "VAULT_RATE_LIMIT"
      --vault-ca-cert string                Hashicorp CA certificate
                                            Environment variable: "VAULT_CA_CERT"
      --vault-ca-path string                Path toward the CA certificate
                                            Environment variable: "VAULT_CA_PATH"
      --vault-client-cert string            Certificate of the client
                                            Environment variable: "VAULT_CLIENT_CERT"
      --vault-client-key string             Hashicorp client key
                                            Environment variable: "VAULT_CLIENT_KEY"
      --vault-client-timeout duration       Hashicorp clean timeout of the client
                                            Environment variable: "VAULT_CLIENT_TIMEOUT" (default 1m0s)
      --vault-kv-version string             Determine which version of the kv secret engine we will be using
                                            Can be "v1" or "v2".
                                            Environment variable: "VAULT_KV_VERSION"  (default "v2")
      --vault-max-retries int               Hashicorp max retry for a request
                                            Environment variable: "VAULT_MAX_RETRIES"
      --vault-mount-point string            Specifies the mount point used. Should not start with a //
                                            Environment variable: "VAULT_MOUNT_POINT"  (default "secret")
      --vault-rate-limit float              Hashicorp query rate limit
                                            Environment variable: "VAULT_RATE_LIMIT"
      --vault-secret-path string            Hashicorp secret path
                                            Environment variable: "VAULT_SECRET_PATH" (default "default")
      --vault-skip-verify                   Hashicorp skip verification
                                            Environment variable: "VAULT_SKIP_VERIFY"
      --vault-tls-server-name string        Hashicorp TLS server name
                                            Environment variable: "VAULT_TLS_SERVER_NAME"
      --vault-token-file string             Specifies the token file path.
                                            Parameter ignored if the token has been passed by VAULT_TOKEN
                                            Environment variable: "VAULT_TOKEN_FILE"  (default "/vault/token/.vault-token")
      --vault-url string                    Hashicorp URL of the remote hashicorp vault
                                            Environment variable: "VAULT_URL" (default "https://127.0.0.1:8200")

Warning

♦ Default values can be changed by using environment variables.

♦ Environment variables will be overwritten by Flags values.

Tip

For more information regarding the Faucet Service please go to References/Faucet Service.