Private keys are used for signing transactions on Injective. If the private key is improperly safeguarded (e.g. leaked accidentally, pushed to Github), the results could be catastrophic, including a total loss of funds.
This guide is a practical handbook on securing one's private key in a cloud environment.
First, ensure that you've installed the injectived binary, which you can do by installing the injectived binary from the latest Injective Chain release or by running make install
in the injective-core repo which builds and installs the injectived binary from source.
Then run injectived keys --help
and inspect the output.
First, initialize your local keyring and obtain your mnemonic phrase by running injectived keys add <name> --home <keyring directory>
. You will also have to enter a passphrase which will encrypt your keyring and will be needed for using your keys.
Note that if you do not specify a directory for the keyring with --home
then the ~/.injectived
directory will be used by default. This should be fine for production cloud instances but is discouraged for local development due to the fact that some scripts inside of our local dev E2E tests explicitly delete this directory.
--home
flag will be omitted from the rest of the injectived keys
command in this guide but remember to run it if you do choose to use a different keyring directory than the default directory.You can then import the mnemonic phrase into Metamask if desired.
❗️Make sure to securely write down the mnemonic phrase and safeguard it, as anyone with this phrase can take control over your account.
Alternatively, you can also setting up a new Metamask wallet and then import the mnemonic phrase obtained there with injectived keys add <name> --recover
Then confirm that you can see your keys with injectived keys list
.
As an example, suppose we ran injectived keys add alice --home ~/.my-oracle-directory
in the previous step with a passphrase of 12345678
(obviously do not use such a trivial passphrase in production).
Using injective-price-oracle
as an example, the .env
variables should be configured as follows: