fix: remove keyring-backend=test default override

[kpitapeersyst]

fix: remove keyring-backend=test default override

Motivation 💡

The root command was globally overriding the keyring backend default to test across all subcommands, including production node operations. The test backend stores keys as unencrypted JSON files under ~/.exrpd/keyring-test/ with no passphrase protection, so any operator running the binary without explicitly passing --keyring-backend=os would silently use the insecure backend. This exposes Cosmos-managed keys (e.g. hot wallet keys for fee payments or EVM operations) to any attacker with local filesystem access.

Changes 🛠

• Removed the overwriteFlagDefaults call in cmd/exrpd/cmd/root.go that set flags.FlagKeyringBackend to test, restoring the Cosmos SDK default of os (OS secret store).

Considerations 🤔

• Operators who were relying on the implicit test backend will need to either pass --keyring-backend=test explicitly for local development or migrate their keys to the os backend.

Summary by CodeRabbit

• Bug Fixes
  • Removed an automatic override that forced the keyring backend to a test value. The flag now respects its intended default and configured value across the command tree, preventing unexpected test-mode behavior and restoring proper runtime configuration.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 8c546d10-c18f-4cab-a0bb-8d60d0829da4

📥 Commits

Reviewing files that changed from the base of the PR and between ab7a7dd and 8b5fabf.

📒 Files selected for processing (1)

• cmd/exrpd/cmd/root.go

✅ Files skipped from review due to trivial changes (1)

• cmd/exrpd/cmd/root.go

---

📝 Walkthrough

Walkthrough

The root command initialization no longer calls the recursive helper that overwrote the flags.FlagKeyringBackend flag default/value to "test" across the command tree; the helper and an unused pflag import were removed.

Changes

Cohort / File(s)	Summary
Flag default override removal cmd/exrpd/cmd/root.go	Removed recursive overwriteFlagDefaults usage and the helper that mutated flags' DefValue/Value to "test", and removed an unused pflag import. Lines deleted: ~25; lines added: ~2.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Poem

A rabbit peeks where defaults rest,
Nudges one flag from its nest,
Four lines hopped off, tidy and neat,
The root command breathes light and sweet. 🐇✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 50.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the main change: removing a keyring backend default override that was enforcing the test backend.
Description check	✅ Passed	The description covers all required template sections: Motivation clearly explains the security issue, Changes specify what was removed, and Considerations address operator impact.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/default-keyring-test

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 golangci-lint (2.11.4)

Error: can't load config: unsupported version of the configuration: "" See https://golangci-lint.run/docs/product/migration-guide for migration instructions
The command is terminated due to an error: can't load config: unsupported version of the configuration: "" See https://golangci-lint.run/docs/product/migration-guide for migration instructions

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}