Persisting PrivateKey

[thedavedave]

I was looking at the sample java code here to understand how to leverage the xrpl client. On studying the samples, I saw that they all created new key pairs for all transactions and was trying to find a way to persist the private key for future transactions on the server.

Looking at xrpl4j.crypto.keys I managed to find a way that seems to work and thought I'd share this in case it helps anyone and also see if the community sees any issues with the approach:

Seed sd = Seed.ed25519Seed();
KeyPair coldWalletKeyPair = sd.deriveKeyPair();

// Persist the private key

UnsignedByteArray unsignedByteArr = coldWalletKeyPair.privateKey().value();
byte writeByteArr[] = unsignedByteArr.toByteArray();

FileTools.writeBytesToFile(writeByteArr, "file.bin");

// Restore the private key

byte readByteArr[] = FileTools.readFileToBytes("file.bin");
PrivateKey privateKey = PrivateKey.of(UnsignedByteArray.of(byteArr));

[nkramer44]

Thanks for adding this @thedavedave. However, I want to be clear that we do not recommend storing private key material in a file like this and loading the private key into memory if the private key controls an account on mainnet with real money. Are you planning on persisting keys like this and loading them in memory on a production server? If so, I would recommend implementing SignatureService such that it signs transactions with a key held in a more secure location such as an HSM or secure enclave on Android. Check out FauxGcpKmsSignatureServiceTest for an example on how to implement SignatureService -- That test uses mocks, but your implementation would need to make real calls to whichever KMS you use.