1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
//! Webcash CLI - Command Line Interface for Webcash Wallet
use clap::{Parser, Subcommand};
use std::path::PathBuf;
use std::str::FromStr;
use webylib::biometric::EncryptedData;
use webylib::{Amount, SecretWebcash, Wallet};
#[derive(Parser)]
#[command(name = "webyc")]
#[command(about = "Webcash wallet command line interface")]
#[command(version = env!("CARGO_PKG_VERSION"))]
struct Cli {
/// Wallet database file path
#[arg(short, long, default_value = "wallet.db")]
wallet: PathBuf,
/// Enable biometric authentication for encrypted wallets
#[arg(long)]
biometric: bool,
#[command(subcommand)]
command: Commands,
}
#[derive(Subcommand)]
enum Commands {
/// Initialize a new wallet with master secret
Setup {
/// Optional master secret in hex format (64 characters) - if not provided, generates new one
#[arg(short = 'p', long)]
master_secret: Option<String>,
/// Enable biometric encryption (Face ID/Touch ID on mobile)
#[arg(long)]
biometric: bool,
},
/// Show wallet information
Info,
/// Insert webcash into wallet
Insert {
/// Webcash to insert
webcash: Option<String>,
/// Optional memo
#[arg(short, long)]
memo: Option<String>,
/// Skip server validation (offline mode)
#[arg(long)]
offline: bool,
},
/// Generate payment webcash
Pay {
/// Amount to pay
amount: String,
/// Optional memo
#[arg(short, long)]
memo: Option<String>,
},
/// Check wallet against server
Check,
/// Recover wallet from stored master secret
Recover {
/// Gap limit for recovery
#[arg(long, default_value = "20")]
gap_limit: usize,
},
/// Merge small outputs
Merge {
/// Maximum outputs to merge at once
#[arg(long, default_value = "20")]
group: usize,
/// Maximum output size
#[arg(long, default_value = "50000000")]
max: String,
/// Optional memo
#[arg(long)]
memo: Option<String>,
},
/// Encrypt wallet using biometrics or password
Encrypt {
/// Output file for encrypted wallet
#[arg(short, long)]
output: PathBuf,
/// Use password instead of biometrics
#[arg(long)]
password: bool,
},
/// Decrypt wallet from encrypted file
Decrypt {
/// Input file containing encrypted wallet
#[arg(short, long)]
input: PathBuf,
/// Use password instead of biometrics
#[arg(long)]
password: bool,
},
/// Encrypt the wallet database file with password (for runtime use)
EncryptDb {
/// Use password instead of biometric authentication
#[arg(long)]
password: bool,
},
/// Decrypt the wallet database file (for runtime use)
DecryptDb {
/// Use password instead of biometric authentication
#[arg(long)]
password: bool,
},
}
#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
let cli = Cli::parse();
match cli.command {
Commands::Setup {
master_secret,
biometric,
} => {
println!("Setting up new wallet at: {}", cli.wallet.display());
// Generate or use provided master secret (now optional - wallet auto-generates)
let explicit_master_secret = master_secret.is_some();
let master_secret_hex = match master_secret {
Some(secret) => {
println!("🎯 Using provided master secret: {}...", &secret[..8]);
secret
}
None => {
println!("🔑 Master secret will be auto-generated using hardware RNG");
// Return empty string - wallet will auto-generate
String::new()
}
};
if biometric {
println!("🔐 Biometric encryption enabled");
}
match Wallet::open_with_biometric(&cli.wallet, biometric).await {
Ok(wallet) => {
// Store the master secret only if explicitly provided
if explicit_master_secret {
match wallet.store_master_secret(&master_secret_hex).await {
Ok(()) => {
println!(
"✅ Wallet created successfully with provided master secret!"
);
}
Err(e) => {
eprintln!("❌ Failed to store master secret: {}", e);
std::process::exit(1);
}
}
} else {
println!(
"✅ Wallet created successfully with auto-generated master secret!"
);
}
let stats = wallet.stats().await?;
println!("📊 Wallet statistics:");
println!(" Total webcash: {}", stats.total_webcash);
println!(" Unspent webcash: {}", stats.unspent_webcash);
println!(" Balance: {}", stats.total_balance);
println!(
" Biometric encryption: {}",
if wallet.is_biometric_enabled() {
"Enabled"
} else {
"Disabled"
}
);
}
Err(e) => {
eprintln!("❌ Failed to create wallet: {}", e);
std::process::exit(1);
}
}
}
Commands::Info => {
println!("Wallet information for: {}", cli.wallet.display());
match Wallet::open_with_biometric(&cli.wallet, cli.biometric).await {
Ok(wallet) => {
let balance = wallet.balance().await?;
let stats = wallet.stats().await?;
let webcash_list = wallet.list_webcash().await?;
println!("📊 Wallet Statistics:");
println!(" Balance: {} WEBCASH", balance);
println!(" Total entries: {}", stats.total_webcash);
println!(" Unspent entries: {}", stats.unspent_webcash);
println!(" Spent entries: {}", stats.spent_webcash);
if !webcash_list.is_empty() {
println!("\n💰 Unspent Webcash:");
for (i, webcash) in webcash_list.iter().enumerate() {
println!(" {}. {} ({})", i + 1, webcash, webcash.amount);
}
} else {
println!("\n💰 No unspent webcash in wallet");
}
}
Err(e) => {
eprintln!("❌ Failed to open wallet: {}", e);
eprintln!(
"💡 Try running 'webyc --wallet {} setup' to create a new wallet",
cli.wallet.display()
);
std::process::exit(1);
}
}
}
Commands::Insert {
webcash,
memo,
offline,
} => {
println!("Inserting webcash into wallet: {}", cli.wallet.display());
if let Some(memo) = memo {
println!("Memo: {}", memo);
}
if offline {
println!("🔄 Offline mode - skipping server validation");
}
// Get webcash from argument or environment variable
let webcash_str = match webcash {
Some(wc) => wc,
None => {
eprintln!("❌ No webcash secret provided");
eprintln!("💡 Provide webcash secret as argument");
std::process::exit(1);
}
};
// Parse the webcash string
let secret_webcash = match SecretWebcash::parse(&webcash_str) {
Ok(wc) => wc,
Err(e) => {
eprintln!("❌ Invalid webcash format: {}", e);
eprintln!("💡 Expected format: e<amount>:<type>:<value>");
std::process::exit(1);
}
};
match Wallet::open_with_biometric(&cli.wallet, cli.biometric).await {
Ok(wallet) => {
// Match Python: insert does NOT validate before replace by default
// Only validate if explicitly requested (not the default behavior)
let validate_with_server = false; // Python doesn't validate before replace
match wallet
.insert_with_validation(secret_webcash.clone(), validate_with_server)
.await
{
Ok(()) => {
println!(
"✅ Successfully inserted webcash: {}",
secret_webcash.amount
);
let new_balance = wallet.balance().await?;
println!("📊 New balance: {} WEBCASH", new_balance);
}
Err(e) => {
eprintln!("❌ Failed to insert webcash: {}", e);
std::process::exit(1);
}
}
}
Err(e) => {
eprintln!("❌ Failed to open wallet: {}", e);
std::process::exit(1);
}
}
}
Commands::Pay { amount, memo } => {
let memo_str = memo.as_deref().unwrap_or("Payment");
println!(
"Generating payment webcash for amount: {} with memo: '{}' from wallet: {}",
amount,
memo_str,
cli.wallet.display()
);
// Parse the amount
let payment_amount = match Amount::from_str(&amount) {
Ok(amt) => amt,
Err(e) => {
eprintln!("❌ Invalid amount format: {}", e);
std::process::exit(1);
}
};
match Wallet::open_with_biometric(&cli.wallet, cli.biometric).await {
Ok(wallet) => match wallet.pay(payment_amount, memo_str).await {
Ok(message) => {
println!("✅ {}", message);
let new_balance = wallet
.balance()
.await
.unwrap_or_else(|_| "unknown".to_string());
println!("📊 New balance: {} WEBCASH", new_balance);
}
Err(e) => {
eprintln!("❌ Payment generation failed: {}", e);
std::process::exit(1);
}
},
Err(e) => {
eprintln!("❌ Failed to open wallet: {}", e);
std::process::exit(1);
}
}
}
Commands::Check => {
println!("Checking wallet against server: {}", cli.wallet.display());
match Wallet::open_with_biometric(&cli.wallet, cli.biometric).await {
Ok(wallet) => match wallet.check().await {
Ok(result) => {
println!("✅ Wallet check completed successfully");
println!(" Valid: {}", result.valid_count);
println!(" Spent: {}", result.spent_count);
}
Err(e) => {
eprintln!("❌ Wallet check failed: {}", e);
std::process::exit(1);
}
},
Err(e) => {
eprintln!("❌ Failed to open wallet: {}", e);
std::process::exit(1);
}
}
}
Commands::Recover { gap_limit } => {
println!(
"Recovering wallet with gap limit: {} for wallet: {}",
gap_limit,
cli.wallet.display()
);
match Wallet::open_with_biometric(&cli.wallet, cli.biometric).await {
Ok(wallet) => match wallet.recover_from_wallet(gap_limit).await {
Ok(summary) => {
println!("✅ Recovery completed successfully");
println!("{}", summary);
}
Err(e) => {
eprintln!("❌ Recovery failed: {}", e);
eprintln!("💡 Try: webyc setup -p <master_secret> # Create wallet with master secret");
eprintln!("💡 Or: webyc recover <master_secret> # Recover from external master secret");
std::process::exit(1);
}
},
Err(e) => {
eprintln!("❌ Failed to open wallet: {}", e);
std::process::exit(1);
}
}
}
Commands::Merge { group, max, memo } => {
println!(
"Merging outputs (group: {}, max: {}) for wallet: {}",
group,
max,
cli.wallet.display()
);
if let Some(memo) = memo {
println!("Memo: {}", memo);
}
match Wallet::open_with_biometric(&cli.wallet, cli.biometric).await {
Ok(wallet) => match wallet.merge(group).await {
Ok(summary) => {
println!("✅ Merge completed successfully");
println!("{}", summary);
}
Err(e) => {
eprintln!("❌ Merge failed: {}", e);
std::process::exit(1);
}
},
Err(e) => {
eprintln!("❌ Failed to open wallet: {}", e);
std::process::exit(1);
}
}
}
Commands::Encrypt { output, password } => {
println!(
"Encrypting wallet: {} to: {}",
cli.wallet.display(),
output.display()
);
if password {
println!("🔐 Password-based encryption");
// Get password from user
print!("Enter encryption password: ");
use std::io::Write;
std::io::stdout().flush().unwrap();
let password = rpassword::read_password().unwrap();
match Wallet::open_with_biometric(&cli.wallet, cli.biometric).await {
Ok(wallet) => {
match wallet.encrypt_with_password(&password).await {
Ok(encrypted_data) => {
// Write encrypted data to file
let data = serde_json::to_vec_pretty(&encrypted_data)?;
std::fs::write(&output, data)?;
println!(
"✅ Wallet encrypted with password and saved to: {}",
output.display()
);
println!("🔒 Encryption algorithm: {}", encrypted_data.algorithm);
println!(
"📅 Encrypted at: {}",
encrypted_data.metadata.encrypted_at
);
}
Err(e) => {
eprintln!("❌ Encryption failed: {}", e);
std::process::exit(1);
}
}
}
Err(e) => {
eprintln!("❌ Failed to open wallet: {}", e);
std::process::exit(1);
}
}
} else {
println!("🔐 Biometric encryption (Face ID/Touch ID)");
match Wallet::open_with_biometric(&cli.wallet, true).await {
Ok(wallet) => {
match wallet.encrypt_with_biometrics().await {
Ok(encrypted_data) => {
// Write encrypted data to file
let data = serde_json::to_vec_pretty(&encrypted_data)?;
std::fs::write(&output, data)?;
println!(
"✅ Wallet encrypted with biometrics and saved to: {}",
output.display()
);
println!("🔒 Encryption algorithm: {}", encrypted_data.algorithm);
println!("📱 Platform: {}", encrypted_data.metadata.platform);
if let Some(bio_type) = &encrypted_data.metadata.biometric_type {
println!("👤 Biometric type: {}", bio_type);
}
println!(
"📅 Encrypted at: {}",
encrypted_data.metadata.encrypted_at
);
}
Err(e) => {
eprintln!("❌ Biometric encryption failed: {}", e);
eprintln!("💡 Try using --password for password-based encryption");
std::process::exit(1);
}
}
}
Err(e) => {
eprintln!("❌ Failed to open wallet with biometric encryption: {}", e);
eprintln!("💡 Try using --password for password-based encryption");
std::process::exit(1);
}
}
}
}
Commands::Decrypt { input, password } => {
println!(
"Decrypting wallet from: {} to: {}",
input.display(),
cli.wallet.display()
);
// Read encrypted data from file
let data = match std::fs::read(&input) {
Ok(data) => data,
Err(e) => {
eprintln!("❌ Failed to read encrypted file: {}", e);
std::process::exit(1);
}
};
let encrypted_data: EncryptedData = match serde_json::from_slice(&data) {
Ok(data) => data,
Err(e) => {
eprintln!("❌ Invalid encrypted file format: {}", e);
std::process::exit(1);
}
};
println!("🔍 Encrypted file info:");
println!(" Algorithm: {}", encrypted_data.algorithm);
println!(" Platform: {}", encrypted_data.metadata.platform);
println!(" Encrypted at: {}", encrypted_data.metadata.encrypted_at);
if let Some(bio_type) = &encrypted_data.metadata.biometric_type {
println!(" Biometric type: {}", bio_type);
}
if password || encrypted_data.algorithm.contains("PASSWORD") {
println!("🔐 Password-based decryption");
// Get password from user
print!("Enter decryption password: ");
use std::io::Write;
std::io::stdout().flush().unwrap();
let password = rpassword::read_password().unwrap();
match Wallet::open_with_biometric(&cli.wallet, cli.biometric).await {
Ok(wallet) => {
match wallet
.decrypt_with_password(&encrypted_data, &password)
.await
{
Ok(()) => {
println!(
"✅ Wallet decrypted successfully from: {}",
input.display()
);
let balance = wallet.balance().await?;
println!("💰 Restored wallet balance: {} WEBCASH", balance);
}
Err(e) => {
eprintln!("❌ Decryption failed: {}", e);
eprintln!("💡 Check your password and try again");
std::process::exit(1);
}
}
}
Err(e) => {
eprintln!("❌ Failed to open wallet: {}", e);
std::process::exit(1);
}
}
} else {
println!("🔐 Biometric decryption (Face ID/Touch ID)");
match Wallet::open_with_biometric(&cli.wallet, true).await {
Ok(wallet) => match wallet.decrypt_with_biometrics(&encrypted_data).await {
Ok(()) => {
println!(
"✅ Wallet decrypted successfully with biometrics from: {}",
input.display()
);
let balance = wallet.balance().await?;
println!("💰 Restored wallet balance: {} WEBCASH", balance);
}
Err(e) => {
eprintln!("❌ Biometric decryption failed: {}", e);
eprintln!("💡 Try using --password if biometric authentication is not available");
std::process::exit(1);
}
},
Err(e) => {
eprintln!("❌ Failed to open wallet with biometric encryption: {}", e);
eprintln!("💡 Try using --password for password-based decryption");
std::process::exit(1);
}
}
}
}
Commands::EncryptDb { password } => {
println!("🔐 Encrypting wallet database: {}", cli.wallet.display());
if password {
println!("🔑 Password-based encryption");
// Get password from user
print!("Enter encryption password: ");
use std::io::Write;
std::io::stdout().flush().unwrap();
let encryption_password = rpassword::read_password().unwrap();
// Open normal wallet and encrypt with password
match Wallet::open_with_biometric(&cli.wallet, false).await {
Ok(wallet) => {
match wallet
.encrypt_database_with_password(&encryption_password)
.await
{
Ok(()) => {
println!(
"✅ Wallet database encrypted successfully with password!"
);
println!("🔒 Use the same password to decrypt the database");
}
Err(e) => {
eprintln!("❌ Failed to encrypt database: {}", e);
std::process::exit(1);
}
}
}
Err(e) => {
eprintln!("❌ Failed to open wallet for encryption: {}", e);
std::process::exit(1);
}
}
} else {
println!("🔐 Biometric encryption (Face ID/Touch ID)");
// Open wallet with biometric encryption enabled
match Wallet::open_with_biometric(&cli.wallet, true).await {
Ok(wallet) => match wallet.encrypt_database().await {
Ok(()) => {
println!("✅ Wallet database encrypted successfully!");
println!("🔒 The database file is now encrypted and can only be opened with biometric authentication");
}
Err(e) => {
eprintln!("❌ Failed to encrypt database: {}", e);
std::process::exit(1);
}
},
Err(e) => {
eprintln!("❌ Failed to open wallet for encryption: {}", e);
eprintln!(
"💡 Make sure the wallet exists and biometric features are available"
);
std::process::exit(1);
}
}
}
}
Commands::DecryptDb { password } => {
println!("🔓 Decrypting wallet database: {}", cli.wallet.display());
if password {
println!("🔑 Password-based decryption");
// Get password from user
print!("Enter decryption password: ");
use std::io::Write;
std::io::stdout().flush().unwrap();
let decryption_password = rpassword::read_password().unwrap();
// Decrypt database with password (no need to open wallet first)
let dummy_wallet = Wallet::open_with_biometric(&cli.wallet, false)
.await
.map_err(|_| "Cannot access encrypted database without correct method")?;
match dummy_wallet
.decrypt_database_with_password(&decryption_password)
.await
{
Ok(()) => {
println!("✅ Wallet database decrypted successfully with password!");
println!("🔓 Database is now accessible as normal SQLite file");
}
Err(e) => {
eprintln!("❌ Failed to decrypt database: {}", e);
eprintln!("💡 Check your password and try again");
std::process::exit(1);
}
}
} else {
println!("🔐 Biometric decryption (Face ID/Touch ID)");
// Open wallet with biometric encryption
match Wallet::open_with_biometric(&cli.wallet, true).await {
Ok(wallet) => match wallet.decrypt_database().await {
Ok(()) => {
println!("✅ Wallet database decrypted and ready for use!");
println!("🔓 You can now perform transactions with this wallet");
let balance = wallet.balance().await?;
println!("💰 Current balance: {} WEBCASH", balance);
}
Err(e) => {
eprintln!("❌ Failed to decrypt database: {}", e);
std::process::exit(1);
}
},
Err(e) => {
eprintln!("❌ Failed to open encrypted wallet: {}", e);
eprintln!("💡 Make sure the database is encrypted and biometric authentication is available");
std::process::exit(1);
}
}
}
}
}
Ok(())
}