Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update warning of using private keys in .env file #985

Open
MexicanAce opened this issue Mar 24, 2024 · 2 comments
Open

Update warning of using private keys in .env file #985

MexicanAce opened this issue Mar 24, 2024 · 2 comments
Labels
documentation Improvements or additions to documentation good first issue Good for newcomers

Comments

@MexicanAce
Copy link
Collaborator

Problem
Currently, the information section for use of Private Keys in an .env file for local development states:

The private key of your wallet will be included in the .env file of the project and won't be pushed to GitHub.

We teach to always avoid private keys in .env files as it's one of the most common ways new web3 developers (experienced or not) lose funds. We even have students pledge to never put private keys with funds in them, and it's an anti-pattern that has been propagated across web3 hurting new people. pledge one and pledge 2

Proposed Update

The private key of your wallet will be included in the .env file of the project and won't be pushed to GitHub. However, as this means the private key is in plain text, it's recommended to use a private key that isn't associated with any real funds.
@MexicanAce MexicanAce added documentation Improvements or additions to documentation good first issue Good for newcomers labels Mar 24, 2024
@MexicanAce MexicanAce mentioned this issue Mar 24, 2024
Merged
@shyam-patel-kira
Copy link

Since it is merged this can be closed @MexicanAce

@MexicanAce
Copy link
Collaborator Author

This issue was not resolved/merged in the associated PR, it was only mentioned. There are still areas that need to be updated in our docs with this warning

@MexicanAce MexicanAce mentioned this issue Apr 25, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
documentation Improvements or additions to documentation good first issue Good for newcomers
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@MexicanAce @shyam-patel-kira