feat: add OWS (Open Wallet Standard) as wallet signer#13937
Open
kevarifin14 wants to merge 1 commit intofoundry-rs:masterfrom
Open
feat: add OWS (Open Wallet Standard) as wallet signer#13937kevarifin14 wants to merge 1 commit intofoundry-rs:masterfrom
kevarifin14 wants to merge 1 commit intofoundry-rs:masterfrom
Conversation
Adds `--ows <WALLET>` flag for loading signers from an OWS encrypted vault, alongside the existing --ledger, --trezor, --aws, --gcp, and --turnkey options. Feature-gated behind `ows`. Usage: cast send <TO> --value 1ether --ows my-wallet forge script Deploy.s.sol --ows my-wallet cast call <CONTRACT> "balanceOf(address)" --ows my-wallet The key is decrypted from the OWS vault (AES-256-GCM, scrypt KDF) only during signing, then wiped from memory.
kevarifin14
requested review from
0xrusowsky,
DaniPopes,
grandizzy,
mattsse,
onbjerg and
zerosnacks
as code owners
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds
--ows <WALLET>flag for loading signers from an OWS encrypted vault, alongside the existing--ledger,--trezor,--aws,--gcp, and--turnkeyoptions. Feature-gated behindows.Usage
One wallet created with
ows wallet createworks in cast, forge, solana, tempo, polymarket — every tool.Changes
crates/wallets/src/opts.rs--owsflag, resolution inmaybe_signer()crates/wallets/src/signer.rsWalletSigner::from_ows()crates/wallets/src/error.rsows_unsupported()helperFeature-gated:
--features ows. Follows the same pattern as--aws,--gcp,--turnkey.How it works
OWS decrypts the EVM signing key from the vault (AES-256-GCM, scrypt KDF) and wraps it as a
PrivateKeySigner. The key is only in memory during signing, then wiped. No plaintext on disk.Dependencies
Would require adding
ows-libandows-coreas optional dependencies tofoundry-wallets.