Add multisig 1-of-n account with ed25519 signing and stellar-cli plugin #372
Conversation
There was a problem hiding this comment.
I can't get the example to work. Once we get past that I can explore the actual contract and plugin code further.
I will say this is the first time I've used or even heard of CLI plugins and that's likely for a lot of folks so we should include some more background context info for folks on what they are, how they work, how to build and use them.
…lar/soroban-examples into add-multisig-1-of-n-account
…lar/soroban-examples into add-multisig-1-of-n-account
…lar/soroban-examples into add-multisig-1-of-n-account
…lar/soroban-examples into add-multisig-1-of-n-account
|
|
||
| // Generate a random payload to use for the test. When the account contract is being | ||
| // called as part of a require_auth, the payload will be a hash of the network passphrase, | ||
| // contract ID, function name, and all the parameters that the contract calling require_auth |
There was a problem hiding this comment.
This comment is somewhat misleading because the payload contains a call tree, not a single call. IDK if this level of detail is necessary here, but I'm also not sure if a misleading comment is better.
| ))?; | ||
|
|
||
| // Extract mutable references to the parts of the auths that are needed for signing. | ||
| let auths = match &mut txe { |
There was a problem hiding this comment.
Just a general thought: it would be nice to provide a way to write plugins that specifically allow customizing the signing functionality, i.e. the input would be the hashes to sign + context (basically API would be almost symmetric with __check_auth) that correspond to the account's credentials. Otherwise every custom account would need to go through the same transaction parsing and payload preparation boilerplate.
There was a problem hiding this comment.
Great idea. Opened an issue about that over here:
In the interim the code in this example would be simpler if it was trivial to extract auths from a transaction, so I'm adding that capability to the stellar-xdr crate:
This is what this code looks like when updated to use it:
What
Add a custom contract account that authorizes with one ed25519 signature in a 1-of-n fashoin.
Also add two stellar-cli plugins that signs authorizations, one written in Rust, and one written in JavaScript/TypeScript (Deno).
Why
Provide a contract account example that authorizes using a simple multisig construct, and demonstrate how to produce a stellar-cli plugin for signing the custom authorization.
Why Deno
The JavaScript/TypeScript cli-plugin is using the Deno runtime to get the benefit of sandboxing. The plugin handles keys, and Deno provides confidence that no matter what npm packages are in use that the plugin cannot make calls to the outside world.
Dependent on: