Skip to content

Private Key Support (Optional) #13

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
savageops wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Private Key Support (Optional) #13

savageops wants to merge 2 commits into from

Conversation

@savageops
Copy link
Contributor

@savageops savageops commented Sep 26, 2025
edited
Loading

Add Private Key Authentication Support

Description

This PR adds support for private key authentication as an alternative to mnemonic-based authentication for the Akash MCP server. Users can now authenticate using either a mnemonic phrase or a raw private key, providing more flexibility in wallet management and integration scenarios.

Motivation

Current implementation only supports mnemonic-based authentication via AKASH_MNEMONIC. This enhancement addresses several use cases:

  • Production Deployments: Many production systems manage raw private keys rather than mnemonics
  • Security Preferences: Some users prefer managing private keys directly
  • Integration: Easier integration with existing infrastructure that uses private key authentication
  • Automation: Simplified automated deployments and CI/CD pipelines

Changes

Modified Files (5 total):

  1. src/config.ts - Added privateKey configuration field
  2. src/utils/load-wallet.ts - Implemented private key authentication logic
  3. src/utils/load-certificate.ts - Updated type signatures to support both wallet types
  4. src/types/index.ts - Updated ToolContext interface types
  5. src/AkashMCP.ts - Updated wallet property types

Key Features:

  • ✅ Support for hex-encoded private key authentication
  • ✅ Automatic selection between private key and mnemonic methods
  • ✅ Clear error messaging when neither authentication method is provided
  • ✅ Full backward compatibility with existing mnemonic authentication
  • ✅ Type-safe implementation using union types

Technical Implementation

Authentication Priority:

  1. Check for AKASH_MNEMONIC environment variable
  2. If not present, check for AKASH_PRIVATE_KEY environment variable
  3. Throw error if neither is provided

Type System:

Uses union types (DirectSecp256k1HdWallet | DirectSecp256k1Wallet) to maintain type safety while supporting both authentication methods. Both wallet types implement compatible interfaces for signing and account management.

Private Key Format:

  • Expected: Hex string (64 characters, 32 bytes)
  • Example: e4b1c2d3a5f60798b2e1f3c4d5a6b7c8e9f0a1b2c3d4e5f6a7b8c9d0e1f2a3b4
  • Automatically converted to Uint8Array for wallet initialization

Testing

Manual Testing:

  • ✅ Successfully initialized MCP server with private key authentication
  • ✅ Verified private key authentication flow: Using privateKey authentication for Akash
  • ✅ MCP server starts without errors
  • ✅ Akash adapter initializes successfully
  • ✅ All dependent services initialize properly
  • ✅ Verified backward compatibility with mnemonic authentication

Test Environment:

  • Node.js v18.19.1
  • @cosmjs/proto-signing v0.32.4
  • Production deployment environment

Backward Compatibility

  • No Breaking Changes: Existing mnemonic authentication continues to work unchanged
  • Default Behavior Preserved: When only mnemonic is provided, existing behavior is maintained
  • Graceful Degradation: Clear error messages guide users when configuration is missing

Environment Variables

New:

AKASH_PRIVATE_KEY  # Optional: Hex-encoded private key (32 bytes/64 chars)

Usage Examples:

# Option 1: Using private key (NEW)
export AKASH_PRIVATE_KEY="e4b1c2d3a5f60798b2e1f3c4d5a6b7c8e9f0a1b2c3d4e5f6a7b8c9d0e1f2a3b4"

# Option 2: Using mnemonic (EXISTING)
export AKASH_MNEMONIC="word1 word2 word3 ... word24"

Dependencies

  • ✅ No new dependencies added
  • ✅ Uses existing @cosmjs/proto-signing package
  • ✅ No version bumps required

Checklist

  • Code follows project conventions
  • Changes are backward compatible
  • No breaking changes to existing functionality
  • Manual testing completed successfully
  • All modified files included in PR
  • Clear description of changes provided
  • Type definitions updated

Related Issues

N/A - Enhancement for authentication flexibility

Additional Notes

This implementation prioritizes mnemonic authentication over private key when both are provided.

@zJuuu zJuuu self-requested a review September 29, 2025 16:19
@zJuuu
Copy link
Collaborator

zJuuu commented Sep 29, 2025

Hey @savageops, thanks for your PR! Please adhere to the Conventional Commits specification in your future commits.
I plan to review and test this code in the coming days.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@zJuuu zJuuu Awaiting requested review from zJuuu

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@savageops @zJuuu