Hey guys, is there any alternative of adding private key in ENV file for the contract to run. My dev says that is the only option and he does not even want to hash it.
I find that on and need advice on securing it so that it can be protected from being hacked while the contract is communicating with the front-end.
Jul 8, 2023, 12:24 AM
sus, either have him give you the scripts to run to deploy, or create a burner account for him and then transfer ownership to another wallet
Jul 8, 2023, 12:26 AM
Yea that’s fine .. I just want to avoid adding the key in the env file
I mean there has to be secure alternatives to this right
Jul 8, 2023, 12:26 AM
the dotenv library helps in that
and .env file is not needed , keep the key and variable for env in production deployment on your hosting dashboard... for hardhat... just make sure to not upload the .env file anywhere online and use from local environment
Jul 8, 2023, 12:39 AM