cb47cce074
- Organized 252 files across project - Root directory: 187 → 2 files (98.9% reduction) - Moved configuration guides to docs/04-configuration/ - Moved troubleshooting guides to docs/09-troubleshooting/ - Moved quick start guides to docs/01-getting-started/ - Moved reports to reports/ directory - Archived temporary files - Generated comprehensive reports and documentation - Created maintenance scripts and guides All files organized according to established standards.
3.4 KiB
3.4 KiB
Fix Web3Signer Error - Complete Guide
Error: Web3Signer error when sending transaction from 0x71e81eaec98e507f68bbcf5e2005f179db851603
Root Cause: The address is in the allowlist but doesn't have a key in Web3Signer. The translator tries to sign the transaction via Web3Signer, but Web3Signer doesn't have the private key for this address.
🚀 Quick Fix
Run the automated fix script:
cd /home/intlc/projects/proxmox/rpc-translator-138
./scripts/fix-web3signer-allowlist-mismatch.sh
📋 Manual Fix Steps
Step 1: Check Web3Signer Keys
# Get all keys loaded in Web3Signer
curl -s http://192.168.11.111:9000/api/v1/eth1/publicKeys | jq '.'
# Check if your address is in the list
curl -s http://192.168.11.111:9000/api/v1/eth1/publicKeys | jq -r '.[]' | grep -i "71e81eaec98e507f68bbcf5e2005f179db851603"
Step 2: Update Allowlist
If the address is NOT in Web3Signer (most likely for a MetaMask wallet):
cd /home/intlc/projects/proxmox/rpc-translator-138
# Get only the addresses that have keys in Web3Signer
WEB3SIGNER_ADDRESSES=$(curl -s http://192.168.11.111:9000/api/v1/eth1/publicKeys | jq -r '.[]' | tr '\n' ',' | sed 's/,$//')
# Update allowlist to only include Web3Signer keys
if [ -n "$WEB3SIGNER_ADDRESSES" ] && [ "$WEB3SIGNER_ADDRESSES" != "" ]; then
./scripts/configure-wallet-allowlist.sh "$WEB3SIGNER_ADDRESSES"
else
# If no keys, clear allowlist (allows all - not recommended for production)
./scripts/configure-wallet-allowlist.sh ""
fi
If the address IS in Web3Signer (service wallet):
The issue might be with the transaction format. Check the logs:
ssh -i ~/.ssh/proxmox_translator root@192.168.11.240 "journalctl -u rpc-translator-138.service -n 50 --no-pager | grep -A 10 Web3Signer"
Step 3: Verify Fix
# Check Web3Signer keys
curl -s http://192.168.11.111:9000/api/v1/eth1/publicKeys | jq -r '.[]'
# Check allowlist
for IP in 192.168.11.240 192.168.11.241 192.168.11.242; do
echo "=== $IP ==="
ssh -i ~/.ssh/proxmox_translator root@$IP "grep '^WALLET_ALLOWLIST=' /opt/rpc-translator-138/.env"
done
🔍 Understanding the Issue
How It Works
- Allowlist: Controls which addresses can send transactions via
eth_sendTransaction - Web3Signer: Must have the private key to sign transactions
- The Problem: Address in allowlist but no key in Web3Signer = error
Two Types of Wallets
User Wallets (MetaMask, etc.):
- User controls the private key
- User signs transactions locally
- Should NOT be in allowlist
- Transactions are pre-signed and sent as
eth_sendRawTransaction
Service Wallets (Hot Wallets):
- Private key stored in Web3Signer
- Web3Signer signs transactions
- Should be in allowlist
- Transactions sent as
eth_sendTransaction(unsigned)
Solution
- If
0x71e81eaec98e507f68bbcf5e2005f179db851603is a MetaMask wallet: Remove it from allowlist (users sign their own transactions) - If it's a service wallet: Add its keystore file to Web3Signer first, then add to allowlist
✅ Expected Result
After fix:
- Allowlist contains only addresses that have keys in Web3Signer
- Service wallets can send transactions via
eth_sendTransaction - User wallets (MetaMask) can send pre-signed transactions via
eth_sendRawTransaction(no allowlist needed)
Run: ./scripts/fix-web3signer-allowlist-mismatch.sh to automatically fix the mismatch!