soroban_cli/config/
sign_with.rs

1use crate::{
2    print::Print,
3    signer::{self, ledger, Signer, SignerKind},
4    xdr::{self, TransactionEnvelope},
5};
6use clap::arg;
7
8use super::{
9    locator,
10    network::{self, Network},
11    secret,
12};
13
14#[derive(thiserror::Error, Debug)]
15pub enum Error {
16    #[error(transparent)]
17    Network(#[from] network::Error),
18    #[error(transparent)]
19    Signer(#[from] signer::Error),
20    #[error(transparent)]
21    Secret(#[from] secret::Error),
22    #[error(transparent)]
23    Locator(#[from] locator::Error),
24    #[error(transparent)]
25    Rpc(#[from] soroban_rpc::Error),
26    #[error("No sign with key provided")]
27    NoSignWithKey,
28    #[error(transparent)]
29    StrKey(#[from] stellar_strkey::DecodeError),
30    #[error(transparent)]
31    Xdr(#[from] xdr::Error),
32}
33
34#[derive(Debug, clap::Args, Clone, Default)]
35#[group(skip)]
36pub struct Args {
37    /// Sign with a local key or key saved in OS secure storage. Can be an identity (--sign-with-key alice), a secret key (--sign-with-key SC36…), or a seed phrase (--sign-with-key "kite urban…"). If using seed phrase, `--hd-path` defaults to the `0` path.
38    #[arg(long, env = "STELLAR_SIGN_WITH_KEY")]
39    pub sign_with_key: Option<String>,
40
41    #[arg(long, conflicts_with = "sign_with_lab")]
42    /// If using a seed phrase to sign, sets which hierarchical deterministic path to use, e.g. `m/44'/148'/{hd_path}`. Example: `--hd-path 1`. Default: `0`
43    pub hd_path: Option<usize>,
44
45    #[allow(clippy::doc_markdown)]
46    /// Sign with https://lab.stellar.org
47    #[arg(long, conflicts_with = "sign_with_key", env = "STELLAR_SIGN_WITH_LAB")]
48    pub sign_with_lab: bool,
49
50    /// Sign with a ledger wallet
51    #[arg(
52        long,
53        conflicts_with = "sign_with_key",
54        conflicts_with = "sign_with_lab",
55        env = "STELLAR_SIGN_WITH_LEDGER"
56    )]
57    pub sign_with_ledger: bool,
58}
59
60impl Args {
61    pub async fn sign_tx_env(
62        &self,
63        tx: &TransactionEnvelope,
64        locator: &locator::Args,
65        network: &Network,
66        quiet: bool,
67    ) -> Result<TransactionEnvelope, Error> {
68        let print = Print::new(quiet);
69        let signer = if self.sign_with_lab {
70            Signer {
71                kind: SignerKind::Lab,
72                print,
73            }
74        } else if self.sign_with_ledger {
75            let ledger = ledger(
76                self.hd_path
77                    .unwrap_or_default()
78                    .try_into()
79                    .unwrap_or_default(),
80            )
81            .await?;
82            Signer {
83                kind: SignerKind::Ledger(ledger),
84                print,
85            }
86        } else {
87            let key_or_name = self.sign_with_key.as_deref().ok_or(Error::NoSignWithKey)?;
88            let secret = locator.get_secret_key(key_or_name)?;
89            secret.signer(self.hd_path, print).await?
90        };
91        Ok(signer.sign_tx_env(tx, network).await?)
92    }
93}