The signer package contains a public interface along with multiple implementations that can be used to sign operations, blocks and arbitrary messages. The Signer interface is designed to work with remote signers and hardware modules which can hold multiple private keys.

type Signer interface {
  // Return a list of addresses the signer manages.
  ListAddresses(context.Context) ([]tezos.Address, error)

  // Returns the public key for a managed address. Required for reveal ops.
  GetKey(context.Context, tezos.Address) (tezos.Key, error)

  // Sign an arbitrary text message wrapped into a failing noop.
  SignMessage(context.Context, tezos.Address, string) (tezos.Signature, error)

  // Sign an operation.
  SignOperation(context.Context, tezos.Address, *codec.Op) (tezos.Signature, error)

  // Sign a block header.
  SignBlock(context.Context, tezos.Address, *codec.BlockHeader) (tezos.Signature, error)
}

The signer is used by the rpc.Send() and contract.Call() family of functions, but you can always use it directly and attach the signature to an operation with op.WithSignature()

As initial signers we support an in-memory signer that can be created from a private key and a client for the Tezos remote signer interface. Feel free to add your own custom signer implementation, but it should be compatible with the interface above to use the convenience wrappers.