read client cert/key from file

.env.example

@@ -1 +1,5 @@
 PRIVATE_KEY=0xYOUR_PRIVATE_KEY
+
+# mTLS
+CLIENT_KEY=/path/to/your/client/key
+CLIENT_CRT=/path/to/your/client/cert

.gitignore

@@ -23,3 +23,6 @@ dist-ssr
 *.sln
 *.sw?
 .env
+
+*.crt
+*.key

README.md

@@ -21,19 +21,25 @@ Copy `.env.example` to `.env` in the project root:
 cp .env.example .env
 ```
 
-Then set your private key:
+Then set your `PRIVATE_KEY`:
-```
+```sh
 PRIVATE_KEY=0xYOUR_PRIVATE_KEY
 ```
 
-Optional: if you want to enable mTLS, uncomment the `mTLS` block in `index.js` and provide your client cert/key strings:
+and
-```js
+
-const mTLS = {
+`CLIENT_KEY` and `CLIENT_CRT` for mTLS:
-  clientCrt: "YourClientCrtString",
+```sh
-  clientKey: "YourClientKeyString",
+CLIENT_KEY=/path/to/your/client/key
-};
+CLIENT_CRT=/path/to/your/client/cert
 ```
-Security note: keep the client key private and stored securely; never commit it or share it publicly.
+
+* `CLIENT_KEY`: the client private key file, in PEM format (e.g. `-----BEGIN PRIVATE KEY-----...`).
+* `CLIENT_CRT`: the client certificate file, in PEM format (e.g. `-----BEGIN CERTIFICATE-----...`).
+
+<br/>
+
+**Security note**: keep the client key private and stored securely; never commit it or share it publicly.
 
 ## Customize
 Edit these sections in `index.js`:

index.js

@@ -1,19 +1,23 @@
 const { PrimusNetwork } = require("@primuslabs/network-core-sdk");
 const { ethers } = require("ethers");
 require("dotenv/config");
+const fs = require("fs");
 
 async function primusProofTest() {
-  const PRIVATEKEY = process.env.PRIVATE_KEY;
+  const PRIVATE_KEY = process.env.PRIVATE_KEY?.trim() ?? (() => { throw new Error("Missing PRIVATE_KEY in .env"); })();
+  const CLIENT_CRT = process.env.CLIENT_CRT?.trim() ?? (() => { throw new Error("Missing CLIENT_CRT in .env"); })();
+  const CLIENT_KEY = process.env.CLIENT_KEY?.trim() ?? (() => { throw new Error("Missing CLIENT_KEY in .env"); })();
+
   const address = "0x8F0D4188307496926d785fB00E08Ed772f3be890"; // change to your address
   const chainId = 84532; // Base Sepolia (or 8453 for Base mainnet)
   const baseSepoliaRpcUrl = "https://sepolia.base.org"; // (or 'https://mainnet.base.org' for Base mainnet)
   // The request and response can be customized as needed.
-  
+
   // change to your request params
   const requests = [
     {
       url: "https://checkout.mtls.api.hm.bb.com.br/",
-      method: "GET", 
+      method: "GET",
       header: {},
       body: "",
     }
@@ -29,7 +33,7 @@ async function primusProofTest() {
   ];
 
   const provider = new ethers.providers.JsonRpcProvider(baseSepoliaRpcUrl);
-  const wallet = new ethers.Wallet(PRIVATEKEY, provider);
+  const wallet = new ethers.Wallet(PRIVATE_KEY, provider);
 
   try {
     const primusNetwork = new PrimusNetwork();
@@ -46,8 +50,8 @@ async function primusProofTest() {
 
     // Compose params for attest
     const mTLS = {
-      clientCrt: "YourClientCrtString", // Please replace with your ownner client crt string
+      clientKey: fs.readFileSync(CLIENT_KEY).toString(),
-      clientKey: "YourClientKeyString", // Please replace with your ownner client key string
+      clientCrt: fs.readFileSync(CLIENT_CRT).toString(),
     }
     const attestParams = {
       ...submitTaskParams,