Is there an issue with the Ed25519 and/or Secp256k1 solutions provided by ZenVoich?
Several developers I’ve spoken with prefer for the solution that imports the dfx generated pem file instead of the quill generated seed.txt (which they’ve professed the seed.txt derived identity import feels like a “hacky”, “roundabout”, or “unstable” solution).
It’s also about consistency, mostly because then developers are using two different tools to manage identity/canisters.
there’s nothing wrong with using the PEM files - we just haven’t added official support or documentation for it yet.
instead of the quill generated seed.txt (which they’ve professed the seed.txt derived identity import feels like a “hacky”, “roundabout”, or “unstable” solution).
Quill is unnecessary, unless you’re trying to use an existing PEM file in a seed phrase context. I simply suggest using a freshly generated seed phrase from your tool of choice, which will work nicely in CI contexts
Nice script @ZenVoich 
. Do you know how to request a pwd and decode the pem file when encrypted?
@peterparker do you mean how to decrypt the dfx-encrypted PEM? You can see the process here. You will also need the nonce from your identity’s config, which is located at .config/dfx/identity/<identity name>/identity.json
I meant decrypt the encrypted PEM file in NodeJS.
Above script of @ZenVoich works like a charm to replicate dfx identity in NodeJS when the PEM is not encrypted.
Also attempting to use an encrypted dfx identity in node. It looks like @ZenVoich’s script is attempting to perform the decryption, but I didn’t get it working in practice when I tried it just now.
Anyone else had luck with this yet? I believe performing a decryption and using the identity in memory is the preferable solution for running privileged actions in node locally.
you could probably use spawn a process to run dfx identity export if you have the right permissions
to support the latest agent release 0.21.3 that uses noble it seems like you only need to pass in the secret key, therefore adapt decode in @ZenVoich script to the following
function decode(rawKey: string) {
const buf: Buffer = pemfile.decode(rawKey);
if (rawKey.includes('EC PRIVATE KEY')) {
if (buf.length != 118) {
throw 'expecting byte length 118 but got ' + buf.length;
}
return Secp256k1KeyIdentity.fromSecretKey(buf.subarray(7, 39));
}
if (buf.length != 85) {
throw 'expecting byte length 85 but got ' + buf.length;
}
return Ed25519KeyIdentity.fromSecretKey(buf.subarray(16, 48));
}
i didnt test the secp256k1 identities, so not sure if any changes are required there