Example: signer_keystore
To run this example:
- Clone the examples repository:
git clone https://github.com/throgxyz/examples.git - Run:
cargo run -p examples-signers --example signer_keystore
//! Web3 Secret Storage V3 keystore — encrypt and decrypt a TRON private key.
//!
//! Shows how to:
//! - Encrypt a private key to a password-protected JSON file
//! - Decrypt the file back to a working signer
//! - Verify the address is preserved round-trip
//!
//! No network access required.
//!
//! ```bash
//! cargo run -p examples-signers --example signer_keystore
//! ```
//!
//! The keystore format is compatible with TronLink, go-ethereum, and gotron-sdk.
//! It stores the TRON address in base58check format (not Ethereum hex).
use tronz::{LocalSigner, TronSigner};
fn main() -> anyhow::Result<()> {
// ── 1. Create a signer from a known private key ───────────────────────────
let private_key = "b5a4cea271ff424d7c31dc12a3e43e401df7a40d7412a15750f3f0b6b5449a28";
let signer = LocalSigner::from_hex(private_key)?;
println!("=== Original signer ===");
println!(" address : {}", signer.address());
// ── 2. Encrypt to a temp directory ────────────────────────────────────────
let dir = tempfile::tempdir()?;
let password = "my-secure-password";
println!("\n=== Encrypting keystore ===");
println!(" password : {password}");
let path = signer.encrypt_keystore(dir.path(), password)?;
println!(" saved to : {}", path.display());
// ── 3. Inspect the JSON ───────────────────────────────────────────────────
let json = std::fs::read_to_string(&path)?;
let ks: tronz::KeystoreFile = serde_json::from_str(&json)?;
println!("\n=== Keystore contents ===");
println!(" version : {}", ks.version);
println!(" id : {}", ks.id);
println!(" address : {}", ks.address);
println!(" kdf : {} (N={})", ks.crypto.kdf, ks.crypto.kdfparams.n);
println!(" cipher : {}", ks.crypto.cipher);
// ── 4. Decrypt and verify ─────────────────────────────────────────────────
println!("\n=== Decrypting ===");
let recovered = LocalSigner::decrypt_keystore(&path, password)?;
println!(" recovered address : {}", recovered.address());
assert_eq!(signer.address(), recovered.address(), "round-trip address mismatch");
println!(" addresses match : true");
// ── 5. Wrong password gives a clear error ─────────────────────────────────
let err = LocalSigner::decrypt_keystore(&path, "wrong-password").unwrap_err();
println!("\n=== Wrong password ===");
println!(" error : {err}");
Ok(())
}Find the source code on GitHub here.
