feat: add gcp-signer

Cargo.toml

@@ -96,15 +96,16 @@ needless_return = "allow"
 
 [workspace.dependencies]
 alloy = { version = "0.7", features = [
-    "full",
     "eips",
+    "full",
     "hyper",
     "json-rpc",
     "node-bindings",
     "rpc-client",
     "rpc-types-debug",
     "rpc-types-trace",
     "signer-aws",
+    "signer-gcp",
     "signer-keystore",
     "signer-ledger",
     "signer-mnemonic",

README.md

@@ -100,6 +100,7 @@ This repository contains the following examples:
   - [x] [Send transaction with access list](./examples/transactions/examples/with_access_list.rs)
 - [x] Wallets
   - [x] [AWS signer](./examples/wallets/examples/aws_signer.rs)
+  - [x] [GCP signer](./examples/wallets/examples/gcp_signer.rs)
   - [x] [Ledger signer](./examples/wallets/examples/ledger_signer.rs)
   - [x] [Private key signer](./examples/wallets/examples/private_key_signer.rs)
   - [x] [Mnemonic signer](./examples/wallets/examples/mnemonic_signer.rs)

examples/wallets/Cargo.toml

@@ -18,6 +18,10 @@ alloy.workspace = true
 aws-config = { version = "1.5", default-features = false }
 aws-sdk-kms = { version = "1.50", default-features = false }
 eyre.workspace = true
+gcloud-sdk = {version = "0.25", features = [
+    "google-cloud-kms-v1",
+    "google-longrunning"
+]}
 rand = "0.8"
 serde = { workspace = true, features = ["derive"] }
 tempfile = "3.14"

examples/wallets/examples/aws_signer.rs

@@ -6,9 +6,7 @@ use eyre::Result;
 
 #[tokio::main]
 async fn main() -> Result<()> {
-    let Ok(key_id) = std::env::var("AWS_KEY_ID") else {
-        return Ok(());
-    };
+    let key_id = std::env::var("AWS_KEY_ID").expect("AWS_KEY_ID not set in .env file");
 
     let config = aws_config::load_defaults(BehaviorVersion::latest()).await;
     let client = aws_sdk_kms::Client::new(&config);

examples/wallets/examples/gcp_signer.rs

@@ -0,0 +1,38 @@
+//! Example showing how to use the GCP KMS signer.
+
+use alloy::signers::{
+    gcp::{GcpKeyRingRef, GcpSigner, KeySpecifier},
+    Signer,
+};
+use eyre::{Ok, Result};
+use gcloud_sdk::{
+    google::cloud::kms::v1::key_management_service_client::KeyManagementServiceClient, GoogleApi,
+};
+
+#[tokio::main]
+async fn main() -> Result<()> {
+    let project_id =
+        std::env::var("GOOGLE_PROJECT_ID").expect("GOOGLE_PROJECT_ID not set in .env file");
+    let location = std::env::var("GOOGLE_LOCATION").expect("GOOGLE_LOCATION not set in .env file");
+    let keyring = std::env::var("GOOGLE_KEYRING").expect("GOOGLE_KEYRING not set in .env file");
+    let key_name = std::env::var("GOOGLE_KEY_NAME").expect("GOOGLE_KEY_NAME not set in .env file");
+
+    let keyring = GcpKeyRingRef::new(&project_id, &location, &keyring);
+    let client = GoogleApi::from_function(
+        KeyManagementServiceClient::new,
+        "https://cloudkms.googleapis.com",
+        None,
+    )
+    .await?;
+
+    let key_version = 1;
+    let specifier = KeySpecifier::new(keyring, &key_name, key_version);
+    let signer = GcpSigner::new(client, specifier, Some(key_version)).await?;
+
+    let message = "Hello, world!";
+    let signature = signer.sign_message(message.as_bytes()).await?;
+
+    assert_eq!(signature.recover_address_from_msg(message)?, signer.address());
+
+    Ok(())
+}

scripts/run.sh

@@ -14,8 +14,10 @@ function main () {
             | grep -E '^ ' \
             | grep -v \
             -e 'any_network' \
+            -e 'aws_signer' \
             -e 'builtin' \
             -e 'debug_trace_call_many' \
+            -e 'gcp_signer' \
             -e 'geth_local_instance' \
             -e 'ipc' \
             -e 'ledger_signer' \