Error: Fireblocks SDK Error: invalid signature (Error code: -1) (Hardhat)

Command: npx hardhat run --network sepolia scripts/deploy.js

Error: Fireblocks SDK Error: invalid signature (Error code: -1)
at FireblocksWeb3Provider.createFireblocksError (/home/abhi/sprints/fireblocks-test/node_modules/@fireblocks/fireblocks-web3-provider/src/provider.ts:189:17)
at FireblocksWeb3Provider.populateAccounts (/home/abhi/sprints/fireblocks-test/node_modules/@fireblocks/fireblocks-web3-provider/src/provider.ts:169:20)
at processTicksAndRejections (node:internal/process/task_queues:95:5)
at /home/abhi/sprints/fireblocks-test/node_modules/@fireblocks/fireblocks-web3-provider/src/provider.ts:82:76
at FireblocksWeb3Provider.accountsPopulatedPromise (/home/abhi/sprints/fireblocks-test/node_modules/@fireblocks/fireblocks-web3-provider/src/utils.ts:17:24)
at /home/abhi/sprints/fireblocks-test/node_modules/@fireblocks/fireblocks-web3-provider/src/provider.ts:252:13 {
code: 4100,
data: undefined,
payload: undefined
}

Hey @Abhishek can you please share your hardhat config file? (Please make sure it does not contain any secrets in it).

Also, are you working on our Sandbox environment?

Hi @SlavaSereb,

Yes, I am in sandbox environment.
Here it is the hardhat.config.js,

require("@nomicfoundation/hardhat-toolbox");
require("@nomicfoundation/hardhat-verify");
require("dotenv").config();
require("@fireblocks/hardhat-fireblocks");
const { ApiBaseUrl } = require("@fireblocks/fireblocks-web3-provider");

const SEPOLIA_RPC_URL = process.env.SEPOLIA_RPC_URL;
const FIREBLOCKS_API_PRIVATE_KEY_PATH = process.env.FIREBLOCKS_API_PRIVATE_KEY_PATH
const FIREBLOCKS_API_KEY = process.env.FIREBLOCKS_API_KEY
const FIREBLOCKS_VAULT_ACCOUNT_IDS = process.env.FIREBLOCKS_VAULT_ACCOUNT_IDS


/** @type import('hardhat/config').HardhatUserConfig */
module.exports = {
  solidity: "0.8.17",
  networks: {
    sepolia: {
      url: SEPOLIA_RPC_URL,
      fireblocks: {
        apiBaseUrl: ApiBaseUrl.Sandbox, // If using a sandbox workspace
        privateKey: FIREBLOCKS_API_PRIVATE_KEY_PATH,
        apiKey: FIREBLOCKS_API_KEY,
        vaultAccountIds: FIREBLOCKS_VAULT_ACCOUNT_IDS,
      }
    },
  },
};

Hey @Abhishek thanks for sharing this.
Can you also write the command that you run for the script execution?

Basically, your configuration file seems to be ok.
This error indicates that something is wrong with the authentication JWT signature which can be potentially one of the following issues:

  1. You are using a wrong API key - please verify this by copying the value of the API Key from the Fireblocks console.

  2. You are using a wrong secret key - please make sure that you use the correct private key that was used to create the API user (either your own key or the automatically generated one by Fireblocks). I can also suggest creating a new API user with a new secret key and verifying that this is the pair that is being used.

  3. The values are not being read as expected from the .env file. I would suggest making sure that you have configured the .env file as expected and there are no typos in the param names or the values. You can print the values in the configuration file and double check the output you can get post reading the .env values.