Skip to main content
Many Compose APPs will need some secrets, whether it’s EOA wallets, or auth tokens for interacting with external services, we’ve got you covered.

Wallets

Many compose apps will need to make blockchain transactions and will need gas and payment funds to do so. By default, Compose will make you a smart wallet which allows you to pay gas fees in fiat as part of your normal monthly Goldsky bill. This allows simple USD based accounting for companies and users who are not “blockchain-native”. You can easily fund these smart wallets with any tokens you may require for your particular business logic (by default goldsky will pay gas fees if you haven’t funded the wallet yourself). Goldsky hosted wallets are created dynamically and itempotently in your app code, allowing any type of logic in wallet creation, for specifics see Context. However there may be times when specific wallets will be needed for specific transactions such as on owner-only contract methods. In these cases you can store your private securly in a secret, see below for details.
To fund your built-in smart wallet (beyond Goldsky’s default gas-sponsorship behavior), you can retrieve it’s public key from the compose Dashboard at app.goldsky.com. See monitoring for details.

Secrets

Compose secrets are bound to the particular Compose App and are immutable once an app is deployed. To have a running app pick up new secrets values, you’ll need to redeploy This protects apps from accidental mistakes with secrets and enables versioning of secrets when the code changes need to be synced. To add or update a secret run 
goldsky compose secret set MY_PRIVATE_KEY xyz123
To remove a secret run 
goldsky compose secrete delete MY_PRIVATE_KEY
In order for secrets to be injected into your app at runtime, they’ll need to be referenced in the secrets_env section of the Manifest. This allows you to reference different secrets for different iterations of your app, without deleting previous versions allowing safe roll forwards and roll backs. Example: 
name: "my_app"
secrets:
  - MY_PRIVATE_KEY 
  - MY_API_KEY
tasks:
  - name: "price_fetcher"
    path: "./tasks/fetch_price.ts"
  - name: "data_processor"
    path: "./tasks/process_data.ts"
Then in your task you can access the secrets like this: 
/// <reference types="../../.compose/types.d.ts" /> 

export async function main(
  hostFunctions: TaskContext,
  payload?: Record<string, unknown>
): Promise<unknown> {
  const { env, chains, createPrivateKeyWallet } = hostFunctions;

  const myPrivateKeyWallet = await createPrivateKeyWallet(env.MY_PRIVATE_KEY);
  const { hash } = await myPrivateKeyWallet.writeContract(
    chains.polygon,
    contractAddress,
    "prepareCondition(address,bytes32,uint256)",
    [address, questionId, 2],
    {
      max_attempts: 2,
      initial_interval_ms: 500,
      backoff_factor: 1,
    }
  );

  const response = await fetch(`https://api-service/api/v1/path?auth_token=${env.MY_API_KEY}`);
}