The Hashicorp Vault plugin enables the storage of Quorum account private keys in a Hashicorp Vault KV v2 secret engine.
It can be used with Quorum or clef
.
Using the Hashicorp Vault plugin offers several benefits:
-
Account private keys are stored in a Hashicorp Vault which can be deployed on separate infrastructure to the node
-
Vault allows for fine-grained access control to secrets
Quorum will automatically download the plugin from bintray at startup.
Alternatively, the plugin can be downloaded or built manually and added to the baseDir
:
make
cp build/dist/quorum-account-plugin-hashicorp-vault-<version>.zip /path/to/baseDir
See docs/quickstart-example for a step-by-step walkthrough of how to set up and use Vault for Quorum account management.
See docs/configuration for complete documentation of the configuration options.
See docs/creating-accounts for details on creating Vault-stored accounts.
See docs/faq for additional info on various items.