read client cert/key from file

2025-12-24 02:30:19 +00:00 · 2025-12-24 02:30:19 +00:00 · 8043e2b4ca
commit 8043e2b4ca
parent 6d89bf4c13
4 changed files with 32 additions and 15 deletions
--- a/.env.example
+++ b/.env.example
@ -1 +1,5 @@
 PRIVATE_KEY=0xYOUR_PRIVATE_KEY
+
+# mTLS
+CLIENT_KEY=/path/to/your/client/key
+CLIENT_CRT=/path/to/your/client/cert
--- a/.gitignore
+++ b/.gitignore
@ -23,3 +23,6 @@ dist-ssr
 *.sln
 *.sw?
 .env
+
+*.crt
+*.key
--- a/README.md
+++ b/README.md
@ -21,19 +21,25 @@ Copy `.env.example` to `.env` in the project root:
 cp .env.example .env
 ```

-Then set your private key:
-```
+Then set your `PRIVATE_KEY`:
+```sh
 PRIVATE_KEY=0xYOUR_PRIVATE_KEY
 ```

-Optional: if you want to enable mTLS, uncomment the `mTLS` block in `index.js` and provide your client cert/key strings:
-```js
-const mTLS = {
-  clientCrt: "YourClientCrtString",
-  clientKey: "YourClientKeyString",
-};
+and
+
+`CLIENT_KEY` and `CLIENT_CRT` for mTLS:
+```sh
+CLIENT_KEY=/path/to/your/client/key
+CLIENT_CRT=/path/to/your/client/cert
 ```
-Security note: keep the client key private and stored securely; never commit it or share it publicly.
+
+* `CLIENT_KEY`: the client private key file, in PEM format (e.g. `-----BEGIN PRIVATE KEY-----...`).
+* `CLIENT_CRT`: the client certificate file, in PEM format (e.g. `-----BEGIN CERTIFICATE-----...`).
+
+<br/>
+
+**Security note**: keep the client key private and stored securely; never commit it or share it publicly.

 ## Customize
 Edit these sections in `index.js`:
--- a/index.js
+++ b/index.js
@ -1,19 +1,23 @@
 const { PrimusNetwork } = require("@primuslabs/network-core-sdk");
 const { ethers } = require("ethers");
 require("dotenv/config");
+const fs = require("fs");

 async function primusProofTest() {
-  const PRIVATEKEY = process.env.PRIVATE_KEY;
+  const PRIVATE_KEY = process.env.PRIVATE_KEY?.trim() ?? (() => { throw new Error("Missing PRIVATE_KEY in .env"); })();
+  const CLIENT_CRT = process.env.CLIENT_CRT?.trim() ?? (() => { throw new Error("Missing CLIENT_CRT in .env"); })();
+  const CLIENT_KEY = process.env.CLIENT_KEY?.trim() ?? (() => { throw new Error("Missing CLIENT_KEY in .env"); })();
+
  const address = "0x8F0D4188307496926d785fB00E08Ed772f3be890"; // change to your address
  const chainId = 84532; // Base Sepolia (or 8453 for Base mainnet)
  const baseSepoliaRpcUrl = "https://sepolia.base.org"; // (or 'https://mainnet.base.org' for Base mainnet)
  // The request and response can be customized as needed.
-  
+
  // change to your request params
  const requests = [
    {
      url: "https://checkout.mtls.api.hm.bb.com.br/",
-      method: "GET", 
+      method: "GET",
      header: {},
      body: "",
    }
@ -29,7 +33,7 @@ async function primusProofTest() {
  ];

  const provider = new ethers.providers.JsonRpcProvider(baseSepoliaRpcUrl);
-  const wallet = new ethers.Wallet(PRIVATEKEY, provider);
+  const wallet = new ethers.Wallet(PRIVATE_KEY, provider);

  try {
    const primusNetwork = new PrimusNetwork();
@ -46,8 +50,8 @@ async function primusProofTest() {

    // Compose params for attest
    const mTLS = {
-      clientCrt: "YourClientCrtString", // Please replace with your ownner client crt string
-      clientKey: "YourClientKeyString", // Please replace with your ownner client key string
+      clientKey: fs.readFileSync(CLIENT_KEY).toString(),
+      clientCrt: fs.readFileSync(CLIENT_CRT).toString(),
    }
    const attestParams = {
      ...submitTaskParams,