Transaction Signer
The Transaction Signer service handles secure preparation, signing, and broadcasting of blockchain transactions with intelligent gas management, nonce coordination, and support for both direct key signing and account abstraction patterns.
Overview
The Transaction Signer prepares, signs, and broadcasts blockchain transactions. This component manages the complexity of gas estimation, nonce coordination, and transaction lifecycle monitoring without exposing key material.
Blockchain transactions require careful coordination. Nonce conflicts cause failures. Insufficient gas results in stuck transactions. The Transaction Signer handles these concerns through purpose-built mechanisms that ensure reliable transaction delivery.
Transaction lifecycle
Gas management
Estimation
Gas estimation queries the target chain with actual transaction parameters. The signer applies configurable buffers to estimates, preventing failures from estimation variance.
Price strategy
Gas price selection balances confirmation speed against cost. Configurable strategies support:
| Strategy | Behavior | Use case |
|---|---|---|
| Fast | Priority fee targets quick inclusion | Time-sensitive operations |
| Standard | Base fee plus moderate priority | Normal operations |
| Economy | Minimum viable fee | Cost-sensitive batch operations |
Stuck transaction resolution
Transactions pending beyond threshold durations trigger resolution workflows. The signer resubmits with increased gas prices while maintaining nonce consistency. Replacement transactions explicitly cancel stuck originals when appropriate.
Nonce coordination
Concurrent transaction submission requires careful nonce management. The signer implements virtual object patterns for nonce state:
Sequential assignment: Each signing address maintains ordered nonce assignment. Concurrent requests serialize through the DALP Execution Engine.
Gap prevention: Transaction failures trigger nonce reclamation. Subsequent transactions receive recycled nonces to prevent gaps that block future transactions.
Recovery handling: System restarts query chain state to reconcile nonce records with confirmed transactions.
Account abstraction
The Transaction Signer supports ERC-4337 account abstraction for enhanced transaction patterns:
User operations: Transactions submit through bundler infrastructure rather than direct RPC calls.
Paymaster integration: Gas fees pay from designated accounts rather than transaction signers.
Batched execution: Multiple operations execute in single transactions for gas efficiency.
Signature aggregation: Compatible wallets aggregate signatures for further gas reduction.
Signing modes
| Mode | Mechanism | Latency | Security |
|---|---|---|---|
| Direct | Key Guardian signature | Low | Standard |
| HSM | Hardware security module | Medium | High |
| Delegated | DFNS custody approval | Variable | Highest |
| Multi-sig | Multiple signer coordination | High | Configurable |
Failure handling
Transient failures
Network timeouts and RPC errors trigger automatic retry. Exponential backoff prevents overwhelming recovering services. Retry attempts use increased gas prices to resolve potential underpricing.
Permanent failures
Reverted transactions surface to workflows for business logic handling. Compensating transactions initiate where appropriate. Failed operations generate alerts for operations review.
Reorg handling
Block reorgs can reverse confirmed transactions. The signer monitors confirmation depth before marking transactions final. Reorged transactions resubmit automatically with appropriate nonce handling.
Monitoring
Transaction status exposes through multiple channels:
- Real-time status updates via WebSocket connections
- Workflow state queries through administrative API
- Aggregate metrics in observability dashboards
- Alert triggers for failed or stuck transactions
See also
- Signing Flow for the end-to-end transaction signing sequence (compliance → unified signer → DFNS/Fireblocks → broadcast)
- Key Guardian for key storage
- Contract Runtime for transaction construction
- Chain Gateway for network access
- Account abstraction (ERC-4337) for gasless transactions and batched operations
Key Guardian
The Key Guardian service manages cryptographic key material with defense-in-depth security, supporting encrypted database storage, secret managers, hardware security modules, and third-party custody providers including DFNS and Fireblocks.
Contract Runtime
The Contract Runtime provides a secure abstraction for smart contract interactions, managing ABI encoding, call execution, and state queries with automatic retry and error classification.