Make the CLI take public keys instead of secret keys so that hardware…

… wallet signing is not precluded.
anoma · Nov 22, 2023 · 158e6b7 · 158e6b7
1 parent 47c887c
commit 158e6b7
Show file tree

Hide file tree

Showing 4 changed files with 25 additions and 30 deletions.
diff --git a/apps/src/lib/cli.rs b/apps/src/lib/cli.rs
@@ -2935,7 +2935,7 @@ pub mod args {
         arg_opt("gas-spending-key");
     pub const FEE_AMOUNT_OPT: ArgOpt<token::DenominatedAmount> =
         arg_opt("gas-price");
-    pub const FEE_PAYER_OPT: ArgOpt<WalletKeypair> = arg_opt("gas-payer");
+    pub const FEE_PAYER_OPT: ArgOpt<WalletPublicKey> = arg_opt("gas-payer");
     pub const FORCE: ArgFlag = flag("force");
     pub const GAS_LIMIT: ArgDefault<GasLimit> =
         arg_default("gas-limit", DefaultFn(|| GasLimit::from(25_000)));
@@ -3022,7 +3022,7 @@ pub mod args {
     pub const SIGNER: ArgOpt<WalletAddress> = arg_opt("signer");
     pub const SIGNING_KEY_OPT: ArgOpt<WalletKeypair> = SIGNING_KEY.opt();
     pub const SIGNING_KEY: Arg<WalletKeypair> = arg("signing-key");
-    pub const SIGNING_KEYS: ArgMulti<WalletKeypair> = arg_multi("signing-keys");
+    pub const SIGNING_KEYS: ArgMulti<WalletPublicKey> = arg_multi("signing-keys");
     pub const SIGNATURES: ArgMulti<PathBuf> = arg_multi("signatures");
     pub const SOURCE: Arg<WalletAddress> = arg("source");
     pub const SOURCE_OPT: ArgOpt<WalletAddress> = SOURCE.opt();
@@ -5665,7 +5665,7 @@ pub mod args {
                 signing_keys: self
                     .signing_keys
                     .iter()
-                    .map(|key| ctx.get_cached(key))
+                    .map(|key| ctx.get(key))
                     .collect(),
                 signatures: self
                     .signatures
@@ -5684,7 +5684,7 @@ pub mod args {
                     .or_else(|| Some(ctx.config.ledger.chain_id.clone())),
                 wrapper_fee_payer: self
                     .wrapper_fee_payer
-                    .map(|x| ctx.get_cached(&x)),
+                    .map(|x| ctx.get(&x)),
                 use_device: self.use_device,
             }
         }

diff --git a/apps/src/lib/client/tx.rs b/apps/src/lib/client/tx.rs
@@ -965,8 +965,14 @@ where
         )
         .await?;
 
+        let mut wallet = namada.wallet_mut().await;
         let signed_offline_proposal = proposal.sign(
-            args.tx.signing_keys,
+            args.tx
+                .signing_keys
+                .iter()
+                .map(|pk| wallet.find_key_by_pk(pk, None))
+                .collect::<Result<_, _>>()
+                .expect("secret keys corresponding to public keys not found"),
             &signing_data.account_public_keys_map.unwrap(),
         );
         let output_file_path = signed_offline_proposal
@@ -1112,8 +1118,14 @@ where
             delegations,
         );
 
+        let mut wallet = namada.wallet_mut().await;
         let offline_signed_vote = offline_vote.sign(
-            args.tx.signing_keys,
+            args.tx
+                .signing_keys
+                .iter()
+                .map(|pk| wallet.find_key_by_pk(pk, None))
+                .collect::<Result<_, _>>()
+                .expect("secret keys corresponding to public keys not found"),
             &signing_data.account_public_keys_map.unwrap(),
         );
         let output_file_path = offline_signed_vote

diff --git a/sdk/src/args.rs b/sdk/src/args.rs
@@ -1817,7 +1817,7 @@ pub struct Tx<C: NamadaTypes = SdkTypes> {
     /// The amount being payed (for gas unit) to include the transaction
     pub fee_amount: Option<InputAmount>,
     /// The fee payer signing key
-    pub wrapper_fee_payer: Option<C::Keypair>,
+    pub wrapper_fee_payer: Option<C::PublicKey>,
     /// The token in which the fee is being paid
     pub fee_token: C::Address,
     /// The optional spending key for fee unshielding
@@ -1832,7 +1832,7 @@ pub struct Tx<C: NamadaTypes = SdkTypes> {
     /// The chain id for which the transaction is intended
     pub chain_id: Option<ChainId>,
     /// Sign the tx with the key for the given alias from your wallet
-    pub signing_keys: Vec<C::Keypair>,
+    pub signing_keys: Vec<C::PublicKey>,
     /// List of signatures to attach to the transaction
     pub signatures: Vec<C::Data>,
     /// Path to the TX WASM code file to reveal PK
@@ -1918,7 +1918,7 @@ pub trait TxBuilder<C: NamadaTypes>: Sized {
         })
     }
     /// The fee payer signing key
-    fn wrapper_fee_payer(self, wrapper_fee_payer: C::Keypair) -> Self {
+    fn wrapper_fee_payer(self, wrapper_fee_payer: C::PublicKey) -> Self {
         self.tx(|x| Tx {
             wrapper_fee_payer: Some(wrapper_fee_payer),
             ..x
@@ -1962,7 +1962,7 @@ pub trait TxBuilder<C: NamadaTypes>: Sized {
         })
     }
     /// Sign the tx with the key for the given alias from your wallet
-    fn signing_keys(self, signing_keys: Vec<C::Keypair>) -> Self {
+    fn signing_keys(self, signing_keys: Vec<C::PublicKey>) -> Self {
         self.tx(|x| Tx { signing_keys, ..x })
     }
     /// List of signatures to attach to the transaction

diff --git a/sdk/src/signing.rs b/sdk/src/signing.rs
@@ -135,21 +135,6 @@ pub fn find_key_by_pk<U: WalletIo>(
         // We already know the secret key corresponding to the MASP sentinal key
         Ok(masp_tx_key())
     } else {
-        // Try to get the signer from the signing-keys argument
-        for signing_key in &args.signing_keys {
-            if signing_key.ref_to() == *public_key {
-                return Ok(signing_key.clone());
-            }
-        }
-        // Try to get the signer from the wrapper-fee-payer argument
-        match &args.wrapper_fee_payer {
-            Some(wrapper_fee_payer)
-                if &wrapper_fee_payer.ref_to() == public_key =>
-            {
-                return Ok(wrapper_fee_payer.clone());
-            }
-            _ => {}
-        }
         // Otherwise we need to search the wallet for the secret key
         wallet
             .find_key_by_pk(public_key, args.password.clone())
@@ -173,9 +158,7 @@ pub async fn tx_signers<'a>(
     default: Option<Address>,
 ) -> Result<Vec<common::PublicKey>, Error> {
     let signer = if !&args.signing_keys.is_empty() {
-        let public_keys =
-            args.signing_keys.iter().map(|key| key.ref_to()).collect();
-        return Ok(public_keys);
+        return Ok(args.signing_keys.clone());
     } else if let Some(verification_key) = &args.verification_key {
         return Ok(vec![verification_key.clone()]);
     } else {
@@ -368,7 +351,7 @@ pub async fn aux_signing_data<'a>(
             .to_public()
     } else {
         match &args.wrapper_fee_payer {
-            Some(keypair) => keypair.to_public(),
+            Some(keypair) => keypair.clone(),
             None => public_keys.get(0).ok_or(TxError::InvalidFeePayer)?.clone(),
         }
     };
@@ -413,7 +396,7 @@ pub async fn init_validator_signing_data<'a>(
             .to_public()
     } else {
         match &args.wrapper_fee_payer {
-            Some(keypair) => keypair.to_public(),
+            Some(keypair) => keypair.clone(),
             None => public_keys.get(0).ok_or(TxError::InvalidFeePayer)?.clone(),
         }
     };