Skip to main content

Offline signer tool

According to the Rosetta specification, you use an offline tool to sign transactions and use Rosetta to submit the signed transactions. The Mina Rosetta implementation comes with an offline signer CLI tool and a mina-signer npm package. To generate a key pair, sign a transaction and verify a signature with it.

In a native build, the path to the signer tool is _build/default/src/app/rosetta/ocaml-signer/signer.exe.

In a Docker container, the path is /rosetta/app/mina-ocaml-signer.

To simplify examples, it is referred to as the signer alias.

Generating a key pair with mina-signer

A sample code to generate a keypair:

import { Client } from 'mina-signer'
const mina = new Client({network: 'testnet'})
const keypair = mina.genKeys()

Generating a key pair with signer CLI

To generate a private key, run:

signer generate-private-key

To derive public key, run:

signer derive-public-key --private-key <private key>

In the output you will also get a Mina account address associated with this key pair.

Signing a transaction with mina-signer

A sample code to sign a transaction:

mina.signRosettaTransaction(payload, privateKey)
note

We advice to use mina.rosettaCombinePayload helper to sign and prepare a payload for /construction/combine request

See Sending Transactions page to learn more.

Signing a transaction with CLI

To sign a transaction, run:

signer sign --private-key <private key> --unsigned-transaction <tx>
note

Replace <tx> with the unsigned transaction string, which you can construct using construction/payloads endpoint. See Sending Transactions page to learn more.

To implement a helper function to sign a transaction (in Python):

def sign_transaction(path_to_signer, private_key, unsigned_transaction):
cmd = "{signer} sign --private-key {pk} " \
"--unsigned-transaction {tx_blob}".format(
signer=path_to_signer,
pk=private_key,
tx_blob=unsigned_transaction)
r = run(cmd.split(), stdout=PIPE).stdout
return r.decode().strip()