8

This question was asked on Reddit:

Is there a secure/recommended solution to unlock an account and send a tx through the Web3 interface (from a Html page)?

One of the alternatives that I have in mind is just to disable the Rpc and create a layer, and expose custom methods through it.

Reddit

Improve this question
1

1 Answer 1

Reset to default
6

The safest way to do this is to not rely on unlocking the account at all; instead, use ethereumjs and web3 to build your app to hold keys itself, and generate transactions which you submit with eth.sendRawTransaction. That way, you can do key management yourself, your user only has to trust you with funds they send to their account in your app, and you don't need the user to be running a node with unlocked accounts (or a node at all, if you use something like Infura).

Improve this answer
2
  • 1
    Is there a good tutorial or example for this? Commented Sep 9, 2016 at 22:52
  • Here's a tutorial that shows how to do it in a Truffle context -- i.e., create a custom web3 provider that you then use within a Truffle configuration. You should be able to extract the relevant bits out: truffleframework.com/tutorials/using-infura-custom-provider Commented Sep 28, 2016 at 18:14

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.