You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The CLI needs to support for adding a different signer or multiple signers to a transaction without any of those signers being the source account.
Why
The CLI today assumes that the signer of a transaction is the master key of the source account. This is fine for development and for simpler user key setups, but doesn't support more complex signers configurations that the Stellar accounts of organizations (e.g. asset issuers) and security sensitive individuals.
To address those advanced needs the CLI should support constructing transactions that are signed by a different key than the source account, and support being signed by multiple keys.
How
Add a new option --signer that is supported anywhere that --source is supported.
The --signer option can appear zero, one, or many times.
When a --signer is not present, the --source is also the signer.
When a --signer is present one or many, the --source is not a signer, and each signer is looked up separately and signs the transaction in sequence.
Examples
For example, today the CLI supports, and it would continue to support:
soroban contract deploy --wasm ... --source me
And for example, a user should be able to sign the tx with a different key than the source:
soroban contract deploy --wasm ... --source me --signer myotherkey
And for example, a user should also be able to specify multiple keys:
This change makes the first example in the issue above shorthand for:
soroban contract deploy --wasm ... --source me --signer me
Notes
Note that the use of multiple keys/signers located on a local machine doesn't really increase security, and so the importance of supporting multiple keys is significantly less than the importance of supporting a different key. The critically important feature of this issue is to support a different key for signing. But it's a natural extension to support multiple, and a tiny effort to add it in conjunction.
The text was updated successfully, but these errors were encountered:
I think we should capture that in a separate issue. I'm hoping once #1180 gets broken up into two issues that the issue that comes out of that for skipping signing on any tx built will involve adding a --no-sign or --sign false.
What
The CLI needs to support for adding a different signer or multiple signers to a transaction without any of those signers being the source account.
Why
The CLI today assumes that the signer of a transaction is the master key of the source account. This is fine for development and for simpler user key setups, but doesn't support more complex signers configurations that the Stellar accounts of organizations (e.g. asset issuers) and security sensitive individuals.
To address those advanced needs the CLI should support constructing transactions that are signed by a different key than the source account, and support being signed by multiple keys.
How
Add a new option
--signer
that is supported anywhere that--source
is supported.The
--signer
option can appear zero, one, or many times.When a
--signer
is not present, the--source
is also the signer.When a
--signer
is present one or many, the--source
is not a signer, and each signer is looked up separately and signs the transaction in sequence.Examples
For example, today the CLI supports, and it would continue to support:
And for example, a user should be able to sign the tx with a different key than the source:
And for example, a user should also be able to specify multiple keys:
This change makes the first example in the issue above shorthand for:
Notes
Note that the use of multiple keys/signers located on a local machine doesn't really increase security, and so the importance of supporting multiple keys is significantly less than the importance of supporting a different key. The critically important feature of this issue is to support a different key for signing. But it's a natural extension to support multiple, and a tiny effort to add it in conjunction.
The text was updated successfully, but these errors were encountered: