Cloud Functions transfer request

Is it possible to create a cloud function that transfers (erc20) from my wallet to some other one? I did not find any suitable POST method in the API, so it’s impossible?

It is possible but not recommended for security reasons. You need to use your Wallet private Key and the transaction itself uses ethers.js lib that Moralis cloud functions can provide. If you still want to try even knowing It is not recommended, I can share a code snippet.

1 Like

I will be grateful.
What are the risks of such an approach? And are there alternatives to my solution?

as an alternative you can have a separate server that does the transactions

1 Like

The utmost risk is to lose all funds on that particular wallet you are using to sign the transactions on the blockchain. Use this code at your own risk:

I. You will need to define the cloud function:

Moralis.Cloud.define("signTx", async (request) => {
    // When you call this function, you will need to give it
    // an argument as a query parameter that will be the
    // ERC20 token receiver and token ammount you want to send
    const receiver = request.params.receiver;
    const amount = request.params.amount;

    // Obtain logger
    const logger = Moralis.Cloud.getLogger();
    // Moralis.ethersByChain gives you access to ethers.js library
    // See list of supported chains on the docs
    // Here we are using Rinkeby Testnet (0x4)
    const eth = Moralis.ethersByChain("0x4"); 

    // Define your provider, you need a RPC Provider
    // You can use Moralis' Speedy Nodes for that
    const ethersProvider = new eth.ethers.providers.JsonRpcProvider(

    // Now that is where things get funky, here you need
    // to instatiate your wallet using your wallet Private Key
    const wallet = new eth.ethers.Wallet(

    // Now define the contract your are interacting with
    // You will need an Address and an ABI
    const contractAddress = "YOUR_CONTRACT_ADDRESS";
    const contractABI = JSON.parse('[{YOUR_CONTRACT_ABI}]');

    // And instatiate it
    const myContract = new eth.ethers.Contract(

    // Now you can create the function to interact with
    // the contract you just instantiated above
    const makeTx = async (myContract_, receiver_, amount_) => {
            .transfer(receiver_, amount_)
            .then((transferResult) => {
        } catch (error){

    // And ultimately, call this makeTx function
    makeTx(myContract, receiver, amount);

II. To call this function, you will need to give it a few arguments that will be your query parameters:

const params =  { receiver: "RECEIVER_WALLET_ADDRESS",
                  amount: 1000000000000 // Remember this value is wei
const Tx = await"signTx", params);

Risk are that your private key will be uploaded to the cloud which is accessible to multiple parties and can be leaked

Check this thread for more info: Web3 on clouds: can not sign transactions?

1 Like

Do you mean that attackers can get access to certain fields inside cloud functions?

More like you could get your Moralis account hacked and then have sensitive data exposed.

I have implemented the function I mentioned above, but rather than using a Wallet that holds funds or is a contract Owner, I have implemented Authorized roles on my smart contracts and onlyAuthorized modifiers to grant sporadic access to restricted methods. This way If my private Key ever gets exposed, some damage is prevented.


If you want to do this it would be best to use your own backend that you control.

1 Like

How can I regulate the gas with this solution?

You can set gas price and gas limit:

myContract_.transfer(receiver_, amount_, 
             gasPrice: 50000000000,
             gasLimit: 500000000000000