Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add Hashicorp Vault store #46

Open
bliiitz opened this issue Oct 5, 2022 · 2 comments
Open

Add Hashicorp Vault store #46

bliiitz opened this issue Oct 5, 2022 · 2 comments

Comments

@bliiitz
Copy link

bliiitz commented Oct 5, 2022

Hello @wealdtech ,
First of all, thank you for your jobs on ETH2 validation components.
I'm Cloud Architect working for Stake Capital and I'm building an ETH2 validation infrastructure to provide a large range of validators.
The technical stack is build on top of EKS (Kubernetes managed service on AWS) for Dirk and Vouch.
Historically, we are using Hashicorp Vault (https://www.vaultproject.io/) for secret management and we want to use it as wallet storage for this infra.
We are using Vault as Certificate Authority too to manage certificate of Dirk and Vouch services

So, I've fork your S3 wallet store librairy and i've adapted it to work with the KVv2 of vault storage:
https://github.com/bliiitz/go-eth2-wallet-store-vault (tests inside hasn't been updated)

For Vault authentication, I've implemented 2 ways:

  • Provide directly a vault token (for test localy)
  • Authentication with Kubernetes service account (for production)

After that, I've fork and update Dirk to handle this new lib:
https://github.com/bliiitz/dirk/blob/master/core/stores.go#L82

And now for wallet management, I've fork ethdo to add vault storage and be allowed to manage wallets with a pod spawned in the Kubernetes cluster.

What do you think about to merge this forks on your repos ?
Can we have a discussion about this ? (i'm not a golang expert so i prefer discuss about your development standard)

Thanks you !

@ybstaked
Copy link

ybstaked commented Mar 8, 2023

Eager to see this!

@LucasGrasso
Copy link

Hello @bliiitz , hope that you are doing fine. I'm currently facing a similar problem (And developing a simillar solution) to the one that you mentioned in your comment. Do you have any updates about this integration? Have you used your go-eth2-wallet-store-vault in a prod environment?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants