Skip to content

cli

CLI interface for web3-google-hsm.

cli()

Entry point for the CLI.

Source code in web3_google_hsm/_cli.py 
107
108
109
def cli() -> None:
    """Entry point for the CLI."""
    app()

generate(project_id=typer.Option(..., envvar='GOOGLE_CLOUD_PROJECT', help='Google Cloud project ID'), location=typer.Option(..., envvar='GOOGLE_CLOUD_REGION', help='Cloud KMS location (e.g. us-east1)'), keyring=typer.Option(..., envvar='KEY_RING', help='Name of the key ring'), key_id=typer.Option(..., envvar='KEY_NAME', help='ID for the new key'), retention_days=typer.Option(365, help='Days to retain key versions'))

🔑 Generate a new Ethereum signing key in Cloud HSM.

Source code in web3_google_hsm/_cli.py 
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
@app.command()
def generate(
    project_id: str = typer.Option(
        ...,
        envvar="GOOGLE_CLOUD_PROJECT",
        help="Google Cloud project ID",
    ),
    location: str = typer.Option(
        ...,
        envvar="GOOGLE_CLOUD_REGION",
        help="Cloud KMS location (e.g. us-east1)",
    ),
    keyring: str = typer.Option(
        ...,
        envvar="KEY_RING",
        help="Name of the key ring",
    ),
    key_id: str = typer.Option(
        ...,
        envvar="KEY_NAME",
        help="ID for the new key",
    ),
    retention_days: int = typer.Option(
        365,
        help="Days to retain key versions",
    ),
) -> None:
    """🔑 Generate a new Ethereum signing key in Cloud HSM."""
    try:
        # Create the key
        key = GCPKmsAccount.create_eth_key(
            project_id=project_id,
            location_id=location,
            key_ring_id=keyring,
            key_id=key_id,
            retention_days=retention_days,
        )
        console.print(f"[green]✅ Created Ethereum signing key:[/green] {key.name}")

        # Initialize account to display the Ethereum address
        config = BaseConfig(
            project_id=project_id,
            location_id=location,
            key_ring_id=keyring,
            key_id=key_id,
        )
        account = GCPKmsAccount(config=config)
        console.print(f"[blue]🔑 Ethereum address:[/blue] {account.address}")

    except Exception as e:
        console.print(f"[red]❌ Error:[/red] {e!s}")
        raise typer.Exit(1) from e

sign(message=typer.Argument(..., help='Message to sign'), account=typer.Option(..., '--account', '-a', help='Ethereum address of the signing account'))

📝 Sign a message using a Cloud HSM key.

Source code in web3_google_hsm/_cli.py 
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
@app.command()
def sign(
    message: str = typer.Argument(
        ...,
        help="Message to sign",
    ),
    account: str = typer.Option(
        ...,
        "--account",
        "-a",
        help="Ethereum address of the signing account",
    ),
) -> None:
    """📝 Sign a message using a Cloud HSM key."""
    try:
        # Initialize from environment variables
        config = BaseConfig.from_env()
        signer = GCPKmsAccount(config=config)

        # Verify the account matches
        if signer.address.lower() != account.lower():
            console.print(f"[red]❌ Account mismatch:[/red] {signer.address} != {account}")
            raise typer.Exit(1)

        # Sign the message
        signature = signer.sign_message(message)

        console.print("[green]✅ Message signed successfully![/green]")
        console.print(f"[blue]📝 Message:[/blue] {message}")
        console.print(f"[blue]🔏 Signature:[/blue] {signature.to_hex()}")
        console.print("[blue]📊 Components:[/blue]")
        console.print(f"  v: {signature.v}")
        console.print(f"  r: 0x{signature.r.hex()}")
        console.print(f"  s: 0x{signature.s.hex()}")

    except Exception as e:
        console.print(f"[red]❌ Error:[/red] {e!s}")
        raise typer.Exit(1) from e