# `Cartouche.Solana.Signer.CloudKMS`
[🔗](https://github.com/zenhive/cartouche/blob/main/lib/cartouche/solana/signer/cloud_kms.ex#L2)

Ed25519 signing backend using Google Cloud KMS.

GCP KMS supports Ed25519 signing (algorithm `EC_SIGN_ED25519`) since
April 2024. This is the Solana equivalent of `Cartouche.Signer.CloudKMS`
for Ethereum.

Key differences from the Ethereum KMS signer:
- Uses `data` field (raw bytes) instead of `digest.sha256` (pre-hashed)
- PEM contains Ed25519 SubjectPublicKeyInfo (RFC 8410), not an EC point
- Signature is raw 64 bytes, not DER-encoded

Requires the `google_api_cloud_kms` optional dependency.

# `get_address`

```elixir
@spec get_address(term(), String.t(), String.t(), String.t(), String.t(), String.t()) ::
  {:ok, <<_::256>>} | {:error, term()}
```

Get the Ed25519 public key (32 bytes) from a KMS key version.

# `sign`

```elixir
@spec sign(
  binary(),
  term(),
  String.t(),
  String.t(),
  String.t(),
  String.t(),
  String.t()
) ::
  {:ok, <<_::512>>} | {:error, term()}
```

Sign message bytes using a KMS Ed25519 key.

Ed25519 signs raw message bytes (no external hashing). The message is
sent to KMS via the `data` field (not `digest`).

Returns `{:ok, signature}` where signature is exactly 64 bytes.

---

*Consult [api-reference.md](api-reference.md) for complete listing*