Skip to content

feat(cast): keychain sign-authorization subcommand#14743

Draft
mablr wants to merge 1 commit into
masterfrom
mablr/sign-authorization-keychain
Draft

feat(cast): keychain sign-authorization subcommand#14743
mablr wants to merge 1 commit into
masterfrom
mablr/sign-authorization-keychain

Conversation

@mablr
Copy link
Copy Markdown
Collaborator

@mablr mablr commented May 13, 2026
edited
Loading

Motivation

Add 'cast keychain sign-authorization' (alias 'sign-auth') for signing a Tempo KeyAuthorization with the connected browser/passkey wallet.

  • Converts CLI flags (--limit, --scope/--scopes, --expiry, --chain-id, key type) into tempo-primitives types
  • Drives BrowserSigner::sign_key_authorization via the local wallet bridge
  • Prints the RLP-encoded SignedKeyAuthorization as 0x-prefixed hex (or JSON)

Enforce policy completeness at clap arg-parsing time:

  • 'spending_policy' group: --limit | --deny-all-spending (mutually exclusive, required)
  • 'call_policy' group: --scope | --scopes | --deny-all-calls (mutually exclusive, required)

Pending:

Testing

Checkout foundry-rs/foundry-browser-wallet#67 and run pnpm run dev, and open browser http://localhost:5173.

Build and run cast:

cast keychain sign-authorization -h
cast keychain sign-authorization \
    <your_key> secp256k1 \
    --chain-id 4217 \
    --expiry 1810199310 \
    --limit 0x20c000000000000000000000b9537d11c60e8b50:100000000 \
    --scope 0x20c000000000000000000000b9537d11c60e8b50:transfer,approve \
    --browser --browser-development --browser-disable-open
...

@mablr @ampcode-com
feat(cast): keychain sign-authorization subcommand
7d4e41e 
Add 'cast keychain sign-authorization' (alias 'sign-auth') for signing
a Tempo KeyAuthorization with the connected browser/passkey wallet.

- Converts CLI flags (--limit, --scope/--scopes, --expiry, --chain-id,
  key type) into tempo-primitives types
- Drives BrowserSigner::sign_key_authorization via the local wallet
  bridge
- Prints the RLP-encoded SignedKeyAuthorization as 0x-prefixed hex (or
  JSON)

Enforce policy completeness at clap arg-parsing time:
- 'spending_policy' group: --limit | --deny-all-spending (mutually
  exclusive, required)
- 'call_policy' group: --scope | --scopes | --deny-all-calls (mutually
  exclusive, required)

Cargo.toml: temporary local path override for foundry-wallets while the
companion foundry-core branch lands.

Co-authored-by: Amp <amp@ampcode.com>
@figtracer figtracer mentioned this pull request May 14, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@DaniPopes DaniPopes Awaiting requested review from DaniPopes DaniPopes will be requested when the pull request is marked ready for review DaniPopes is a code owner

@mattsse mattsse Awaiting requested review from mattsse mattsse will be requested when the pull request is marked ready for review mattsse is a code owner

@grandizzy grandizzy Awaiting requested review from grandizzy grandizzy will be requested when the pull request is marked ready for review grandizzy is a code owner

@zerosnacks zerosnacks Awaiting requested review from zerosnacks zerosnacks will be requested when the pull request is marked ready for review zerosnacks is a code owner

@0xrusowsky 0xrusowsky Awaiting requested review from 0xrusowsky 0xrusowsky will be requested when the pull request is marked ready for review 0xrusowsky is a code owner

@figtracer figtracer Awaiting requested review from figtracer figtracer will be requested when the pull request is marked ready for review figtracer is a code owner

@stevencartavia stevencartavia Awaiting requested review from stevencartavia stevencartavia will be requested when the pull request is marked ready for review stevencartavia is a code owner

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

Foundry
Status: No status

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@mablr