Apologize in advance if this question was already asked before.
I was looking for a way to programmatically pull the account from MetaMask (or some other wallet) and add it to brownie. The problem I keep facing is that I can't add the account in Brownie without knowing the private key/ keystore file. As far as I can tell, there really isn't a direct way to programmatically get the private key from MetaMask.
How am I supposed to import a real account into brownie? Maybe there is a way other than using a private key or a keystore file?
*Yes, I know I can export the private key from MetaMask, but that can't be done programmatically.
I also looked into some eth_requestAccounts method that Metamask has in its documentation, but that still didn't seem to answer my question.
Related
I want to use asymmetric key pairs to sign/verify data sent from an Xamarin forms smartphone app to a web service.
I have an Xamarin forms smartphone app targeted at Android and iOS devices. The client on the device connects through a web service to a database and, on successful login, retrieves and sends data. Currently the user logs in, providing username and password. The password is hashed and the database user table is searched for the combination of the username and password hash. If this combination is found then the user is deemed to be legitimate and information can be retrieved and sent.
I now want to introduce another layer of security, so that each device that installs the app would need, additionally, a private key. This key would be used to produce a digital signature or hash of data sent up to the web service. When the web service receives the request, it will use the corresponding public key of the key pair to verify the signature, and only allow the request through if the signature is verified. From time to time, I may want to eliminate the user base and start afresh and I was thinking that I could do this easily by creating a new asymmetric key pair and sending the new private key out to each user whom I wanted to be able to use the system while also changing the corresponding public key on the web service to the new one. This way anyone still using the old private key would not gain access. The difficulty I have found with this approach is that I don’t know how to get a new key on to the user's device and, having done that, I don’t know how to get access to this key in the app’s code in order to create the digital hash. I have tried experimentally to look at the key store, but I don’t seem to be able to do that on an iPhone the way I can on the PC, so my question, at its simplest is, how do I get a private key onto an iPhone or an Android phone and, having got it on there, how do I get access to it in code in order to use it to generate a digital hash. Of course, I could just use symmetric encryption, and pass a password to the user base which could then be used in code to encrypt some mutually agreed piece of text and the web service, on receiving it, would use the same password to decrypt it. I just thought that the asymmetric key pair approach was a more elegant, and, in the end, more robust solution. The other point is that I want to use the .Net System.Security.Cryptography classes only, ie no third party code if possible.
I'm setting up a new Near account, and I want to use its keys to sign a message in an app I'm building. How can I do this?
I used the wallet.nearprotocol.com page to create an account. Then, I used nearlib to connect to the testnet, and verify the account's balance and public keys.
But I couldn't find a way to add the account into the localStorage key store or otherwise access a method to sign a message. Nor could I find a wallet plugin or extension that would provide me access.
Generally the idea is that you never transfer given private key between 2 devices / security contexts.
So normally instead of getting private key out of wallet you just want to generate new key pair and request wallet to add public key.
https://github.com/nearprotocol/nearlib/blob/master/src.ts/wallet-account.ts provides relatively easy way to do it for webapp.
Note that it limits access to a give contract ID, so if you need unrestricted access you basically just need to omit contractId.
See examples at https://near.dev/ for WalletAccount usage.
I 'm trying to present the user a dialog to pick a certificate. Originally I used CryptUIDlgSelectCertificateFromStore with the "MY" store, but this results in picking all the certificates, where I only want the user to select between the
certificates that have private keys.
For that reason, I create a new memory store and store only the certificates for which a private key exists. I can use CryptAcquireCertificatePrivateKey to get a private key of a certificate, but this may result in a dialog box requesting a PIN for example. I don't want to use the CRYPT_ACQUIRE_SILENT_FLAG because a provider might want to show information on the key (not necessarily a pin or a smart card prompt).
Is there a way to know that there is a private key without actually acquiring it?
Thanks.
I'm not getting recaptcha image correctly..It says invalid domain key. I actually registered recaptcha in google account for localhost. Can I use recaptcha on localhost? Can someone explain to em why I'm getting this error? Are thee keys keyed in correctly, please?
The key from google:
ANd in my joomla backend, I have to key in public and private key:Where I assumed Site key = public key while Secret Key is Private Key.
Can you go to this link and check your domain is there and you have the correct keys? Also, does this error appear on specific actions (e.g. when submitting the feedback form) or does it always happen when you load any page with a captcha on it?
I suggest you to go through this reCAPTCHA FAQs link.. It will help you
And easiest solution is delete it and register new key. You will be after that.
And one more thing is that secret key is private kind of thing. You do not need to provide it here. Walk on safe side.
I have ran into a problematic situation, which I really hope I can get help with.
I'm working on Jive Software solutions and we have a product that integrates Google Drive and Gmail.
This integration product was once part of a startup that was acquired by Jive and as such, the Google api project we are using for the integration belongs to a Google Account of a specific person which no longer works in Jive (we do have the credentials for the account though).
The problem is, that we want this account to be ours, i.e, a Jive software one.
So, one option I have, is to create a new account and replace the api account I'm using in the code to use the new one. This is bad, as it will break all the current authenticated clients, and will force them to take the oauth process all over again.
The other option I see, is to convert the existing Google account we are using to a jivesoftware one, so it will not be associated to any specific person but it will still be the same account.
Specifically I'm interesting in changing the Name and Email of this account.
Any suggestions of how we can achieve that?
A third option could be moving the api project to owned by another google account, but I couldn't find such an option in the UI, any clue?
There is no way to change a gmail address. You can forward all email to a new address with the name and email address you would like though.
This way you access all the email from an account that is a Jive software one but it is being forwarded from the old one still. However no one directly accesses the old one.
Check out https://support.google.com/mail/answer/10957?hl=en for more info.
According to the documentation, if you use Gmail with your Google Account, it's not currently possible to change your Gmail username after you've registered. with your username being the full email address you used to create your account. You can, however, change your nick name by going to https://myaccount.google.com and clicking Personal Info.