Sign transaction using using NEM-SDK locally and sent only signed data to NIS server

Technical Discussion
#1

Can i sign the transaction on client side and send only signed data to NIS server using nem-sdk?

is there any facility for such using NEM?

i found a solution using the NEM APIs but i want a perticular method that does the same thing. Simply i just dont want to expose my private key

Need the following solution using NEM-SDK: https://docs.nem.io/ja/nem-dev-basics-docker/sending-xem

In that, in last they are sending transaction to NIS server
// initialise client
c = zerorpc.Client()
c.connect(“tcp://127.0.0.1:4242”)

// initialise transaction and signer data
tx={ “amount”: 11, “recipient”: “TAPWFJHCGV3GL3CZEERB3IGXPMBWNGGEZKAVPNFB”, “recipientPublicKey”: “”, “isMultisig”: False, “multisigAccount”: “”, “message”: “msg”, “isEncrypted”: False, “mosaics”: [] }
common={ “password”: “”, “privateKey”: “YOU_PRIVATE_KEY” }

// convert to json strings
str_common=json.dumps(common)
str_tx=json.dumps(tx)

// call remote procedure, passing string arguments
signed = c.sign(str_tx, str_common, “testnet”)

// post signed transaction to a NIS instance
url=“http://localhost:7890/transaction/announce
response = requests.post(url, json=signed)

this line: response = requests.post(url, json=signed)

is there any facility available using nem-sdk for the same?

I know the way using preparestatement. I implemented that one but in that i have to expose private key.

#2

That one doesn’t expose the private-key. Unless you are letting a NIS sign the prepared tx somehow ?

Are you doing this https://rb2nem.github.io/nem-dev-guide/06-transaction-transfer/ ? Then your priv-key shouldn’t be exposed to any NIS at all. You could even run the code on an air-gapped machine.

If you’re talking about exposed in the code then that’s a different matter. You will have to provide your key to sign txs, that’s just how things work. You certainly don’t want to hardcode it though and you don’t want it to linger in RAM either. Those are things a hw wallet can solve for you (or you solve them for your use-case).

#3

Here I posted the explanation.
You don’t expose a private key with “prepare” in nem-sdk.

#4

You are suggesting to use this?

// parameters initialisation
var privateKey = “YOUR_ACCOUNT_PRIVATE_KEY”;
var recipient = “TBCI2A67UQZAKCR6NS4JWAEICEIGEIM72G3MVW5S”;
var amount = 10;
var message = “dev guide test transaction”;
var nisURL = “http://localhost”;
var nisPort = “7890”;

// endpoint initialisation
var endpoint = nem.model.objects.create(“endpoint”)(nisURL, nisPort);
// transaction common data initialisation
var common = nem.model.objects.get(“common”);
common.privateKey = privateKey;

// create transfer transaction object
var transferTransaction = nem.model.objects.create(“transferTransaction”)(recipient, amount, message);
// prepare transaction
var transactionEntity = nem.model.transactions.prepare(“transferTransaction”)(common, transferTransaction, nem.model.network.data.testnet.id)
// sign and send to NIS
nem.model.transactions.send(common, transactionEntity, endpoint).then(function(res) {console.log(“done”);});

#5

this will sign locally yes, because you provide a privateKey in the common object.

And in background it will indeed use /transaction/announce to announce your signed transaction rather than use the transaction/prepare-announce endpoint which would let NIS sign for you (not recommended!!)

#6

can you suggest a method from the nem-sdk. I am not much awair with the NIS api services

#7

look at your reply above, that is the way to do it with nem-sdk