Hello - I’m building an application on Django using the Python SDK and I’m looking for a good source code or tutorial on how to get a transaction signed by the user.
I’ve been able to create ASAs without any issues using the SDK, but something eludes me still.
As it stands, most tutorials on the Algo Dev docs have the mnemonic phrase hard-coded, this is obviously not ideal in any production app.
My question: What is the best approach to create an ASA & have the user sign the transaction in the View?
You have three solutions currently:
I was reading through the docs and saw the KMD option, Is there sufficient documentation for that?
If you want to store the keys for the users, then it really depends on the security model you are considering. Amongst many other questions, you may need to consider what happens if your server gets compromised. If it stores a kmd token, the adversary may just steal all the Algos of all the users.
See also Could I implement an ASA with it's own custom wallet? - #2 by fabrice