Defender Relayer


So I started reading up on using a relayer for a DAO project, I see when a relayer is created the private key is stored in a vault.

My question is how secure is this private key? Given when linked with an autotask that say pauses a contract and the relayer address is what's used to interact with the contract.

How does one put the mind of the DAO at rest about the security of the address that controls pausing a contract and other sensitive functions being controlled by a third party?

Hey @dev-Cnote! You can read about the security considerations of a Relayer here. The TLDR is that the relayer private key is stored in a KMS, the key never leaves the KMS (all signing operations happen inside the vault), and access is restricted to just your team in Defender via AWS IAM policies.