soroban-cli icon indicating copy to clipboard operation
soroban-cli copied to clipboard

Published 20 hours ago verified publisher icon stellar

CLI: Sign with wallet selector in Laboratory

Open willemneal opened this issue 2 years ago • 5 comments
trafficstars

What problem does your feature solve?

To transactions created in the CLI, allow users to connect to a wallet not stored by the CLI. This is being explicitly asked by developer

What would you like to see?

  • [ ] Wallet kit - land user in Lab with wallet kit - https://github.com/Creit-Tech/Stellar-Wallets-Kit

This issue includes pass the xdr to the sign page on Lab and pass back the signed xdr to the CLI.

What alternatives are there?

willemneal avatar Jun 01 '23 13:06 willemneal

@willemneal @fnando I'm thinking of breaking out the signing with macOS keychain into a separate ticket, what do you think?

janewang avatar Jul 22 '24 16:07 janewang

For signing with system keychain, it is moved to a separate issue: https://github.com/stellar/stellar-cli/issues/1481

janewang avatar Jul 23 '24 21:07 janewang

It sounds like from @quietbits and @jeesunikim that this work requires adding a top level account

janewang avatar Jul 24 '24 15:07 janewang

Currently blocked by #1406

ifropc avatar Jul 25 '24 19:07 ifropc

This will add a new --sign-with-lab flag for (currently WIP) tx sign command. The flow is:

  1. Prompt user to confirm opening browser (unless --yes is passed)
  2. Start http server on any open port
  3. Open browser with constructed url: https://beta-laboratory.stellar.org/transaction/cli-sign?importXdr=<xdr>&passphrase=<network-passphrase>&redirect-url=localhost:port/callback (more below)
  4. cli: wait for callback to be called
  5. laboratory: show sign view, when user click on sign, redirect to localhost:port/callback?signed=<xdr>
  6. http server: listen to callback, when called save xdr into var
  7. http server: redirect from /callback lab's success page (https://beta-laboratory.stellar.org/transaction/cli-success)
  8. pass xdr back to cli main thread and kill server
  9. print result signed xdr

We could reuse existing /sign endpoint, but I think it's more flexible to add 2 new endpoints:

  1. /sign-cli that accepts necessary query parameters listed above:
  • importXdr: XDR to sign
  • passphrase: network passphrase (default to lab selected passphrase if not specified)
  • redirect-url: URL user will be redirected to when transaction is successfully signed it can also have a different UI from a regular /sign, if we would want so in the future without the need of changing the cli (e.g. I think it could be useful to be able to see decoded XDR that user is signing) -> for now it can be the same as /sign , or even redirect to /sign. Previously it was discussed that we should add top level account, but IMO it's not necessary. We can keep current flow where user can either sign with provided secret key account (NOT an intended flow, as they can just use other cli commands for the same result. So we can technically remove signing with secret key from /sign-cli ), OR connect wallet and sign with it.
  1. cli-success just a static page that says "transaction signed you can now close this page"

To sum up user flow (numbered): cli:

  1. call sign command
  2. prompt to confirm action Browser:
  3. open laboratory/sign-cli
  4. user connects wallet and signs
  5. redirect localhost/callback (with signed XDR)
  6. redirect laboratory/success cli:
  7. print signed XDR

cc @quietbits @jeesunikim

ifropc avatar Jul 26 '24 19:07 ifropc

Close in favor of https://github.com/stellar/stellar-cli/issues/674

janewang avatar Aug 19 '24 17:08 janewang

@janewang You linked this same issue

willemneal avatar Aug 19 '24 20:08 willemneal