The latest EthSigner now allows you to secure your identity separately from your dApp and Ethereum Client, adding a further layer of security to operating in Ethereum. EthSigner is able to sign transactions using a key secured in a variety of cloud providers, or even just encrypted on your local disk.
EthSigner is a great way to secure your identity and all of your digital assets. PegaSys Blockchain Protocol Engineer, Trent Mohay, explains how it works, and why that’s all so important.
Your identity in Ethereum, your Ethereum account, is defined by your Ethereum Private Key – 32 bytes of random data. Your Ethereum (Private) Key represents who you are, and is used to control access to your assets in the Ethereum network such as Ether or smart contracts. Needless to say, ensuring that your Ethereum Key is secure is absolutely critical.
Specifically, the access control mentioned above is provided through the use of cryptographic signatures – a unique, unforgeable tag which proves a given piece of data was produced by a given Private Key (or person).
Every transaction submitted to the Ethereum network contains a signature, which was created using that user’s Ethereum Key. This signature proves the user’s intent to execute the given operation. Thus, every time you transfer Ether or invoke a contract, your Ethereum Key is used to sign the transaction – and acts as your endorsement of the action.
If your Ethereum Key is released to external parties (i.e. compromised), those parties have full control over your Ethereum interests and are able to impersonate you in all future dealings. For example, anyone with access to your Ethereum Key is able to:
With that being said, controlling access to your Ethereum Key is critical to protecting your assets stored on the Blockchain.
Given that creating a signature requires your Ethereum Key, the question really becomes: “Where is my key going to be accessed from to allow for signing to occur?”
Transactions can be signed in one of three places:
By using an External Wallet App, users can separate key storage/management from business logic. This separation is core to ensuring your keys are maintained securely.
PegaSys has recently released its EthSigner Wallet application, which acts as a passthrough service sitting on the network link between the DApp and an Ethereum client’s JSON RPC interface. EthSigner forwards most requests to the client unchanged (the JSON RPC contains many “administrative” requests above and beyond transactions). However, upon receipt of a Transaction, EthSigner generates a signature using the stored Ethereum Key, then forwards the Transaction and Signature to the Ethereum Client for inclusion in the blockchain.
EthSigner is able to sign transactions with keys stored in:
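A minimal sketch of the passthrough routing described above, added here as an illustration and not EthSigner's own code. The method names are the standard Ethereum JSON-RPC ones (the page does not name them); `route`, `demo_sign`, the sample address, the `from` check and the HMAC stand-in for real transaction signing are assumptions of this example.

```python
import hashlib
import hmac
import json

SIGNER_ADDRESS = "0x" + "ab" * 20      # constructed sample account address
_DEMO_KEY = b"constructed-demo-key"    # stands in for a key held in a vault or keystore


def demo_sign(tx: dict) -> str:
    """Stand-in signer (assumption): HMAC over the tx, NOT real Ethereum signing."""
    body = json.dumps(tx, sort_keys=True).encode()
    return "0x" + hmac.new(_DEMO_KEY, body, hashlib.sha256).hexdigest()


def rpc_error(req_id, code: int, message: str) -> dict:
    return {"jsonrpc": "2.0", "id": req_id,
            "error": {"code": code, "message": message}}


def route(request: dict, sign=demo_sign, address: str = SIGNER_ADDRESS):
    """Decide what the proxy does with one JSON-RPC request from the dApp.

    Returns ("forward", request_for_client) or ("reject", error_for_dapp).
    The key is only ever touched inside `sign`; the dApp never sees it.
    """
    if request.get("method") != "eth_sendTransaction":
        # Administrative and read-only calls pass through unchanged.
        return "forward", request

    req_id = request.get("id")
    params = request.get("params")
    if (not isinstance(params, list) or len(params) != 1
            or not isinstance(params[0], dict)):
        return "reject", rpc_error(req_id, -32602, "Invalid params")

    tx = params[0]
    # Only sign for the account this proxy holds the key for.
    if str(tx.get("from", "")).lower() != address.lower():
        return "reject", rpc_error(req_id, -32000,
                                   "from is not the signing account")

    # Replace the unsigned transaction with a signed payload for the client.
    return "forward", {"jsonrpc": "2.0", "id": req_id,
                       "method": "eth_sendRawTransaction",
                       "params": [sign(tx)]}


if __name__ == "__main__":
    tx = {"from": SIGNER_ADDRESS, "to": "0x" + "cd" * 20, "value": "0x1"}
    print(route({"jsonrpc": "2.0", "id": 1, "method": "eth_blockNumber", "params": []}))
    print(route({"jsonrpc": "2.0", "id": 2, "method": "eth_sendTransaction", "params": [tx]}))
```

A request whose `from` does not match the held account is answered by the proxy itself and never reaches the Ethereum client.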
Binary Releases: https://bintray.com/consensys/pegasys-repo/ethsigner