From d36ae7dd565ce6411cf1a071ecc902a2ba4efb79 Mon Sep 17 00:00:00 2001 From: Hakeem Kazeem Date: Sun, 27 Jul 2025 11:03:07 +0100 Subject: [PATCH 1/6] automatically fund a key on testnet --- .../src/commands/contract/deploy/wasm.rs | 1 + cmd/soroban-cli/src/config/mod.rs | 57 ++++++++++++++++--- 2 files changed, 49 insertions(+), 9 deletions(-) diff --git a/cmd/soroban-cli/src/commands/contract/deploy/wasm.rs b/cmd/soroban-cli/src/commands/contract/deploy/wasm.rs index 5ca85ae5f8..92d3eb9be7 100644 --- a/cmd/soroban-cli/src/commands/contract/deploy/wasm.rs +++ b/cmd/soroban-cli/src/commands/contract/deploy/wasm.rs @@ -290,6 +290,7 @@ impl NetworkRunnable for Cmd { } print.log_transaction(&txn, &network, true)?; + println!("CONFIG: {:?}", &config); let signed_txn = &config.sign(*txn).await?; print.globeln("Submitting deploy transaction…"); diff --git a/cmd/soroban-cli/src/config/mod.rs b/cmd/soroban-cli/src/config/mod.rs index 93b6a49f16..1bd803f214 100644 --- a/cmd/soroban-cli/src/config/mod.rs +++ b/cmd/soroban-cli/src/config/mod.rs @@ -10,6 +10,10 @@ use crate::{ xdr::{self, SequenceNumber, Transaction, TransactionEnvelope, TransactionV1Envelope, VecM}, Pwd, }; + +use crate::commands::keys::generate; +use crate::commands::global; +use crate::config::address::KeyName; use network::Network; pub mod address; @@ -45,6 +49,8 @@ pub enum Error { StellarStrkey(#[from] stellar_strkey::DecodeError), #[error(transparent)] Address(#[from] address::Error), + // #[error(transparent)] + // Generate(#[from] generate::Error), // Handles generate::Error from generate_cmd.run } #[derive(Debug, clap::Args, Clone, Default)] @@ -53,14 +59,14 @@ pub struct Args { #[command(flatten)] pub network: network::Args, - #[arg(long, short = 's', visible_alias = "source", env = "STELLAR_ACCOUNT")] + #[arg(long, short = 's', visible_alias = "source", env = "STELLAR_ACCOUNT", default_value = "default")] /// Account that where transaction originates from. Alias `source`. /// Can be an identity (--source alice), a public key (--source GDKW...), /// a muxed account (--source MDA…), a secret key (--source SC36…), /// or a seed phrase (--source "kite urban…"). /// If `--build-only` or `--sim-only` flags were NOT provided, this key will also be used to /// sign the final transaction. In that case, trying to sign with public key will fail. - pub source_account: UnresolvedMuxedAccount, + pub source_account: Option, #[command(flatten)] pub locator: locator::Args, @@ -72,18 +78,51 @@ pub struct Args { impl Args { // TODO: Replace PublicKey with MuxedAccount once https://github.com/stellar/rs-stellar-xdr/pull/396 is merged. pub async fn source_account(&self) -> Result { - Ok(self - .source_account - .resolve_muxed_account(&self.locator, self.hd_path()) - .await?) + match &self.source_account { + Some(UnresolvedMuxedAccount::AliasOrSecret(alias)) if alias == "default" => { + let default_name = KeyName("default".to_string()); + if self.locator.read_identity(&default_name).is_err() { + println!("Generating new default account"); + let network = self.network.get(&self.locator)?; + let should_fund = network.network_passphrase == network::passphrase::TESTNET; + let generate_cmd = generate::Cmd { + name: default_name.clone(), + // #[cfg(feature = "version_lt_23")] + // no_fund: !should_fund, + seed: None, // Random seed for security + as_secret: false, + secure_store: false, + config_locator: self.locator.clone(), + hd_path: None, + network: self.network.clone(), + fund: should_fund, + overwrite: false, // Prevent overwriting + }; + let _ = generate_cmd.run(&global::Args { quiet: true, ..Default::default() }).await; + } + Ok(UnresolvedMuxedAccount::AliasOrSecret("default".to_string()) + .resolve_muxed_account(&self.locator, self.hd_path()) + .await?) + } + _ => { + Ok(self + .source_account + .as_ref() + .unwrap() + .resolve_muxed_account(&self.locator, self.hd_path()) + .await?) + } + } } - + pub fn key_pair(&self) -> Result { - let key = &self.source_account.resolve_secret(&self.locator)?; + let key = &self.source_account.as_ref().unwrap().resolve_secret(&self.locator)?; Ok(key.key_pair(self.hd_path())?) } pub async fn sign(&self, tx: Transaction) -> Result { + println!("&self.source_account.as_ref().unwrap(): {:?}", &self.source_account.as_ref().unwrap()); + let tx_env = TransactionEnvelope::Tx(TransactionV1Envelope { tx, signatures: VecM::default(), @@ -95,7 +134,7 @@ impl Args { &self.locator, &self.network.get(&self.locator)?, false, - Some(&self.source_account), + Some(&self.source_account.as_ref().unwrap()), ) .await?) } From 8c997b1276d3eb18fd5016d53e699d667394236c Mon Sep 17 00:00:00 2001 From: Hakeem Kazeem Date: Sun, 27 Jul 2025 11:11:48 +0100 Subject: [PATCH 2/6] remove print --- cmd/soroban-cli/src/commands/contract/deploy/wasm.rs | 1 - 1 file changed, 1 deletion(-) diff --git a/cmd/soroban-cli/src/commands/contract/deploy/wasm.rs b/cmd/soroban-cli/src/commands/contract/deploy/wasm.rs index 92d3eb9be7..5ca85ae5f8 100644 --- a/cmd/soroban-cli/src/commands/contract/deploy/wasm.rs +++ b/cmd/soroban-cli/src/commands/contract/deploy/wasm.rs @@ -290,7 +290,6 @@ impl NetworkRunnable for Cmd { } print.log_transaction(&txn, &network, true)?; - println!("CONFIG: {:?}", &config); let signed_txn = &config.sign(*txn).await?; print.globeln("Submitting deploy transaction…"); From 0e7e593b226123435feeb8b4a2232bcab810c168 Mon Sep 17 00:00:00 2001 From: Hakeem Kazeem Date: Sun, 27 Jul 2025 11:20:33 +0100 Subject: [PATCH 3/6] remove comments --- cmd/soroban-cli/src/config/mod.rs | 2 -- 1 file changed, 2 deletions(-) diff --git a/cmd/soroban-cli/src/config/mod.rs b/cmd/soroban-cli/src/config/mod.rs index 1bd803f214..dd149f7b9c 100644 --- a/cmd/soroban-cli/src/config/mod.rs +++ b/cmd/soroban-cli/src/config/mod.rs @@ -49,8 +49,6 @@ pub enum Error { StellarStrkey(#[from] stellar_strkey::DecodeError), #[error(transparent)] Address(#[from] address::Error), - // #[error(transparent)] - // Generate(#[from] generate::Error), // Handles generate::Error from generate_cmd.run } #[derive(Debug, clap::Args, Clone, Default)] From e11aabd6e40400d36c9685c6297193e756d81318 Mon Sep 17 00:00:00 2001 From: Hakeem Kazeem Date: Sun, 27 Jul 2025 17:13:00 +0100 Subject: [PATCH 4/6] remove comment --- cmd/soroban-cli/src/config/mod.rs | 41 ++++++++++++++++++++----------- 1 file changed, 26 insertions(+), 15 deletions(-) diff --git a/cmd/soroban-cli/src/config/mod.rs b/cmd/soroban-cli/src/config/mod.rs index dd149f7b9c..5aac3fa4a0 100644 --- a/cmd/soroban-cli/src/config/mod.rs +++ b/cmd/soroban-cli/src/config/mod.rs @@ -11,8 +11,8 @@ use crate::{ Pwd, }; -use crate::commands::keys::generate; use crate::commands::global; +use crate::commands::keys::generate; use crate::config::address::KeyName; use network::Network; @@ -57,7 +57,13 @@ pub struct Args { #[command(flatten)] pub network: network::Args, - #[arg(long, short = 's', visible_alias = "source", env = "STELLAR_ACCOUNT", default_value = "default")] + #[arg( + long, + short = 's', + visible_alias = "source", + env = "STELLAR_ACCOUNT", + default_value = "default" + )] /// Account that where transaction originates from. Alias `source`. /// Can be an identity (--source alice), a public key (--source GDKW...), /// a muxed account (--source MDA…), a secret key (--source SC36…), @@ -96,31 +102,36 @@ impl Args { fund: should_fund, overwrite: false, // Prevent overwriting }; - let _ = generate_cmd.run(&global::Args { quiet: true, ..Default::default() }).await; + let _ = generate_cmd + .run(&global::Args { + quiet: true, + ..Default::default() + }) + .await; } Ok(UnresolvedMuxedAccount::AliasOrSecret("default".to_string()) .resolve_muxed_account(&self.locator, self.hd_path()) .await?) } - _ => { - Ok(self - .source_account - .as_ref() - .unwrap() - .resolve_muxed_account(&self.locator, self.hd_path()) - .await?) - } + _ => Ok(self + .source_account + .as_ref() + .unwrap() + .resolve_muxed_account(&self.locator, self.hd_path()) + .await?), } } - + pub fn key_pair(&self) -> Result { - let key = &self.source_account.as_ref().unwrap().resolve_secret(&self.locator)?; + let key = &self + .source_account + .as_ref() + .unwrap() + .resolve_secret(&self.locator)?; Ok(key.key_pair(self.hd_path())?) } pub async fn sign(&self, tx: Transaction) -> Result { - println!("&self.source_account.as_ref().unwrap(): {:?}", &self.source_account.as_ref().unwrap()); - let tx_env = TransactionEnvelope::Tx(TransactionV1Envelope { tx, signatures: VecM::default(), From a4ba098673e9575c71e3c4859ec86b592066dadb Mon Sep 17 00:00:00 2001 From: Hakeem Kazeem Date: Sun, 27 Jul 2025 17:16:03 +0100 Subject: [PATCH 5/6] remove comment --- FULL_HELP_DOCS.md | 100 ++++++++++++++++++++++++++++++++++------------ 1 file changed, 75 insertions(+), 25 deletions(-) diff --git a/FULL_HELP_DOCS.md b/FULL_HELP_DOCS.md index 7fb80bb635..f732239854 100644 --- a/FULL_HELP_DOCS.md +++ b/FULL_HELP_DOCS.md @@ -134,7 +134,7 @@ Get Id of builtin Soroban Asset Contract. Deprecated, use `stellar contract id a Deploy builtin Soroban Asset Contract -**Usage:** `stellar contract asset deploy [OPTIONS] --asset --source-account ` +**Usage:** `stellar contract asset deploy [OPTIONS] --asset ` ###### **Options:** @@ -144,6 +144,8 @@ Deploy builtin Soroban Asset Contract * `--network-passphrase ` — Network passphrase to sign the transaction sent to the rpc server * `-n`, `--network ` — Name of network to use from config * `-s`, `--source-account ` [alias: `source`] — Account that where transaction originates from. Alias `source`. Can be an identity (--source alice), a public key (--source GDKW...), a muxed account (--source MDA…), a secret key (--source SC36…), or a seed phrase (--source "kite urban…"). If `--build-only` or `--sim-only` flags were NOT provided, this key will also be used to sign the final transaction. In that case, trying to sign with public key will fail + + Default value: `default` * `--global` — Use global config * `--config-dir ` — Location of config directory, default is "." * `--sign-with-key ` — Sign with a local key or key saved in OS secure storage. Can be an identity (--sign-with-key alice), a secret key (--sign-with-key SC36…), or a seed phrase (--sign-with-key "kite urban…"). If using seed phrase, `--hd-path` defaults to the `0` path @@ -371,7 +373,7 @@ Extend the time to live ledger of a contract-data ledger entry. If no keys are specified the contract itself is extended. -**Usage:** `stellar contract extend [OPTIONS] --ledgers-to-extend --source-account ` +**Usage:** `stellar contract extend [OPTIONS] --ledgers-to-extend ` ###### **Options:** @@ -397,6 +399,8 @@ If no keys are specified the contract itself is extended. * `--network-passphrase ` — Network passphrase to sign the transaction sent to the rpc server * `-n`, `--network ` — Name of network to use from config * `-s`, `--source-account ` [alias: `source`] — Account that where transaction originates from. Alias `source`. Can be an identity (--source alice), a public key (--source GDKW...), a muxed account (--source MDA…), a secret key (--source SC36…), or a seed phrase (--source "kite urban…"). If `--build-only` or `--sim-only` flags were NOT provided, this key will also be used to sign the final transaction. In that case, trying to sign with public key will fail + + Default value: `default` * `--global` — Use global config * `--config-dir ` — Location of config directory, default is "." * `--sign-with-key ` — Sign with a local key or key saved in OS secure storage. Can be an identity (--sign-with-key alice), a secret key (--sign-with-key SC36…), or a seed phrase (--sign-with-key "kite urban…"). If using seed phrase, `--hd-path` defaults to the `0` path @@ -416,7 +420,7 @@ If no keys are specified the contract itself is extended. Deploy a wasm contract -**Usage:** `stellar contract deploy [OPTIONS] --source-account <--wasm |--wasm-hash > [-- ...]` +**Usage:** `stellar contract deploy [OPTIONS] <--wasm |--wasm-hash > [-- ...]` ###### **Arguments:** @@ -432,6 +436,8 @@ Deploy a wasm contract * `--network-passphrase ` — Network passphrase to sign the transaction sent to the rpc server * `-n`, `--network ` — Name of network to use from config * `-s`, `--source-account ` [alias: `source`] — Account that where transaction originates from. Alias `source`. Can be an identity (--source alice), a public key (--source GDKW...), a muxed account (--source MDA…), a secret key (--source SC36…), or a seed phrase (--source "kite urban…"). If `--build-only` or `--sim-only` flags were NOT provided, this key will also be used to sign the final transaction. In that case, trying to sign with public key will fail + + Default value: `default` * `--global` — Use global config * `--config-dir ` — Location of config directory, default is "." * `--sign-with-key ` — Sign with a local key or key saved in OS secure storage. Can be an identity (--sign-with-key alice), a secret key (--sign-with-key SC36…), or a seed phrase (--sign-with-key "kite urban…"). If using seed phrase, `--hd-path` defaults to the `0` path @@ -505,7 +511,7 @@ Deploy builtin Soroban Asset Contract Deploy normal Wasm Contract -**Usage:** `stellar contract id wasm [OPTIONS] --salt --source-account ` +**Usage:** `stellar contract id wasm [OPTIONS] --salt ` ###### **Options:** @@ -515,6 +521,8 @@ Deploy normal Wasm Contract * `--network-passphrase ` — Network passphrase to sign the transaction sent to the rpc server * `-n`, `--network ` — Name of network to use from config * `-s`, `--source-account ` [alias: `source`] — Account that where transaction originates from. Alias `source`. Can be an identity (--source alice), a public key (--source GDKW...), a muxed account (--source MDA…), a secret key (--source SC36…), or a seed phrase (--source "kite urban…"). If `--build-only` or `--sim-only` flags were NOT provided, this key will also be used to sign the final transaction. In that case, trying to sign with public key will fail + + Default value: `default` * `--global` — Use global config * `--config-dir ` — Location of config directory, default is "." * `--sign-with-key ` — Sign with a local key or key saved in OS secure storage. Can be an identity (--sign-with-key alice), a secret key (--sign-with-key SC36…), or a seed phrase (--sign-with-key "kite urban…"). If using seed phrase, `--hd-path` defaults to the `0` path @@ -732,7 +740,7 @@ This command will create a Cargo workspace project and add a sample Stellar cont Install a WASM file to the ledger without creating a contract instance -**Usage:** `stellar contract upload [OPTIONS] --source-account --wasm ` +**Usage:** `stellar contract upload [OPTIONS] --wasm ` ###### **Options:** @@ -741,6 +749,8 @@ Install a WASM file to the ledger without creating a contract instance * `--network-passphrase ` — Network passphrase to sign the transaction sent to the rpc server * `-n`, `--network ` — Name of network to use from config * `-s`, `--source-account ` [alias: `source`] — Account that where transaction originates from. Alias `source`. Can be an identity (--source alice), a public key (--source GDKW...), a muxed account (--source MDA…), a secret key (--source SC36…), or a seed phrase (--source "kite urban…"). If `--build-only` or `--sim-only` flags were NOT provided, this key will also be used to sign the final transaction. In that case, trying to sign with public key will fail + + Default value: `default` * `--global` — Use global config * `--config-dir ` — Location of config directory, default is "." * `--sign-with-key ` — Sign with a local key or key saved in OS secure storage. Can be an identity (--sign-with-key alice), a secret key (--sign-with-key SC36…), or a seed phrase (--sign-with-key "kite urban…"). If using seed phrase, `--hd-path` defaults to the `0` path @@ -764,7 +774,7 @@ Install a WASM file to the ledger without creating a contract instance (Deprecated in favor of `contract upload` subcommand) Install a WASM file to the ledger without creating a contract instance -**Usage:** `stellar contract install [OPTIONS] --source-account --wasm ` +**Usage:** `stellar contract install [OPTIONS] --wasm ` ###### **Options:** @@ -773,6 +783,8 @@ Install a WASM file to the ledger without creating a contract instance * `--network-passphrase ` — Network passphrase to sign the transaction sent to the rpc server * `-n`, `--network ` — Name of network to use from config * `-s`, `--source-account ` [alias: `source`] — Account that where transaction originates from. Alias `source`. Can be an identity (--source alice), a public key (--source GDKW...), a muxed account (--source MDA…), a secret key (--source SC36…), or a seed phrase (--source "kite urban…"). If `--build-only` or `--sim-only` flags were NOT provided, this key will also be used to sign the final transaction. In that case, trying to sign with public key will fail + + Default value: `default` * `--global` — Use global config * `--config-dir ` — Location of config directory, default is "." * `--sign-with-key ` — Sign with a local key or key saved in OS secure storage. Can be an identity (--sign-with-key alice), a secret key (--sign-with-key SC36…), or a seed phrase (--sign-with-key "kite urban…"). If using seed phrase, `--hd-path` defaults to the `0` path @@ -800,7 +812,7 @@ Generates an "implicit CLI" for the specified contract on-the-fly using the cont stellar contract invoke ... -- --help -**Usage:** `stellar contract invoke [OPTIONS] --id --source-account [-- ...]` +**Usage:** `stellar contract invoke [OPTIONS] --id [-- ...]` ###### **Arguments:** @@ -815,6 +827,8 @@ stellar contract invoke ... -- --help * `--network-passphrase ` — Network passphrase to sign the transaction sent to the rpc server * `-n`, `--network ` — Name of network to use from config * `-s`, `--source-account ` [alias: `source`] — Account that where transaction originates from. Alias `source`. Can be an identity (--source alice), a public key (--source GDKW...), a muxed account (--source MDA…), a secret key (--source SC36…), or a seed phrase (--source "kite urban…"). If `--build-only` or `--sim-only` flags were NOT provided, this key will also be used to sign the final transaction. In that case, trying to sign with public key will fail + + Default value: `default` * `--global` — Use global config * `--config-dir ` — Location of config directory, default is "." * `--sign-with-key ` — Sign with a local key or key saved in OS secure storage. Can be an identity (--sign-with-key alice), a secret key (--sign-with-key SC36…), or a seed phrase (--sign-with-key "kite urban…"). If using seed phrase, `--hd-path` defaults to the `0` path @@ -905,7 +919,7 @@ Restore an evicted value for a contract-data legder entry. If no keys are specificed the contract itself is restored. -**Usage:** `stellar contract restore [OPTIONS] --source-account ` +**Usage:** `stellar contract restore [OPTIONS]` ###### **Options:** @@ -931,6 +945,8 @@ If no keys are specificed the contract itself is restored. * `--network-passphrase ` — Network passphrase to sign the transaction sent to the rpc server * `-n`, `--network ` — Name of network to use from config * `-s`, `--source-account ` [alias: `source`] — Account that where transaction originates from. Alias `source`. Can be an identity (--source alice), a public key (--source GDKW...), a muxed account (--source MDA…), a secret key (--source SC36…), or a seed phrase (--source "kite urban…"). If `--build-only` or `--sim-only` flags were NOT provided, this key will also be used to sign the final transaction. In that case, trying to sign with public key will fail + + Default value: `default` * `--global` — Use global config * `--config-dir ` — Location of config directory, default is "." * `--sign-with-key ` — Sign with a local key or key saved in OS secure storage. Can be an identity (--sign-with-key alice), a secret key (--sign-with-key SC36…), or a seed phrase (--sign-with-key "kite urban…"). If using seed phrase, `--hd-path` defaults to the `0` path @@ -1565,7 +1581,7 @@ Create a new transaction Transfer XLM balance to another account and remove source account -**Usage:** `stellar tx new account-merge [OPTIONS] --source-account --account ` +**Usage:** `stellar tx new account-merge [OPTIONS] --account ` ###### **Options:** @@ -1580,6 +1596,8 @@ Transfer XLM balance to another account and remove source account * `--network-passphrase ` — Network passphrase to sign the transaction sent to the rpc server * `-n`, `--network ` — Name of network to use from config * `-s`, `--source-account ` [alias: `source`] — Account that where transaction originates from. Alias `source`. Can be an identity (--source alice), a public key (--source GDKW...), a muxed account (--source MDA…), a secret key (--source SC36…), or a seed phrase (--source "kite urban…"). If `--build-only` or `--sim-only` flags were NOT provided, this key will also be used to sign the final transaction. In that case, trying to sign with public key will fail + + Default value: `default` * `--global` — Use global config * `--config-dir ` — Location of config directory, default is "." * `--sign-with-key ` — Sign with a local key or key saved in OS secure storage. Can be an identity (--sign-with-key alice), a secret key (--sign-with-key SC36…), or a seed phrase (--sign-with-key "kite urban…"). If using seed phrase, `--hd-path` defaults to the `0` path @@ -1594,7 +1612,7 @@ Transfer XLM balance to another account and remove source account Bump sequence number to invalidate older transactions -**Usage:** `stellar tx new bump-sequence [OPTIONS] --source-account --bump-to ` +**Usage:** `stellar tx new bump-sequence [OPTIONS] --bump-to ` ###### **Options:** @@ -1609,6 +1627,8 @@ Bump sequence number to invalidate older transactions * `--network-passphrase ` — Network passphrase to sign the transaction sent to the rpc server * `-n`, `--network ` — Name of network to use from config * `-s`, `--source-account ` [alias: `source`] — Account that where transaction originates from. Alias `source`. Can be an identity (--source alice), a public key (--source GDKW...), a muxed account (--source MDA…), a secret key (--source SC36…), or a seed phrase (--source "kite urban…"). If `--build-only` or `--sim-only` flags were NOT provided, this key will also be used to sign the final transaction. In that case, trying to sign with public key will fail + + Default value: `default` * `--global` — Use global config * `--config-dir ` — Location of config directory, default is "." * `--sign-with-key ` — Sign with a local key or key saved in OS secure storage. Can be an identity (--sign-with-key alice), a secret key (--sign-with-key SC36…), or a seed phrase (--sign-with-key "kite urban…"). If using seed phrase, `--hd-path` defaults to the `0` path @@ -1623,7 +1643,7 @@ Bump sequence number to invalidate older transactions Create, update, or delete a trustline -**Usage:** `stellar tx new change-trust [OPTIONS] --source-account --line ` +**Usage:** `stellar tx new change-trust [OPTIONS] --line ` ###### **Options:** @@ -1638,6 +1658,8 @@ Create, update, or delete a trustline * `--network-passphrase ` — Network passphrase to sign the transaction sent to the rpc server * `-n`, `--network ` — Name of network to use from config * `-s`, `--source-account ` [alias: `source`] — Account that where transaction originates from. Alias `source`. Can be an identity (--source alice), a public key (--source GDKW...), a muxed account (--source MDA…), a secret key (--source SC36…), or a seed phrase (--source "kite urban…"). If `--build-only` or `--sim-only` flags were NOT provided, this key will also be used to sign the final transaction. In that case, trying to sign with public key will fail + + Default value: `default` * `--global` — Use global config * `--config-dir ` — Location of config directory, default is "." * `--sign-with-key ` — Sign with a local key or key saved in OS secure storage. Can be an identity (--sign-with-key alice), a secret key (--sign-with-key SC36…), or a seed phrase (--sign-with-key "kite urban…"). If using seed phrase, `--hd-path` defaults to the `0` path @@ -1655,7 +1677,7 @@ Create, update, or delete a trustline Create and fund a new account -**Usage:** `stellar tx new create-account [OPTIONS] --source-account --destination ` +**Usage:** `stellar tx new create-account [OPTIONS] --destination ` ###### **Options:** @@ -1670,6 +1692,8 @@ Create and fund a new account * `--network-passphrase ` — Network passphrase to sign the transaction sent to the rpc server * `-n`, `--network ` — Name of network to use from config * `-s`, `--source-account ` [alias: `source`] — Account that where transaction originates from. Alias `source`. Can be an identity (--source alice), a public key (--source GDKW...), a muxed account (--source MDA…), a secret key (--source SC36…), or a seed phrase (--source "kite urban…"). If `--build-only` or `--sim-only` flags were NOT provided, this key will also be used to sign the final transaction. In that case, trying to sign with public key will fail + + Default value: `default` * `--global` — Use global config * `--config-dir ` — Location of config directory, default is "." * `--sign-with-key ` — Sign with a local key or key saved in OS secure storage. Can be an identity (--sign-with-key alice), a secret key (--sign-with-key SC36…), or a seed phrase (--sign-with-key "kite urban…"). If using seed phrase, `--hd-path` defaults to the `0` path @@ -1687,7 +1711,7 @@ Create and fund a new account Set, modify, or delete account data entries -**Usage:** `stellar tx new manage-data [OPTIONS] --source-account --data-name ` +**Usage:** `stellar tx new manage-data [OPTIONS] --data-name ` ###### **Options:** @@ -1702,6 +1726,8 @@ Set, modify, or delete account data entries * `--network-passphrase ` — Network passphrase to sign the transaction sent to the rpc server * `-n`, `--network ` — Name of network to use from config * `-s`, `--source-account ` [alias: `source`] — Account that where transaction originates from. Alias `source`. Can be an identity (--source alice), a public key (--source GDKW...), a muxed account (--source MDA…), a secret key (--source SC36…), or a seed phrase (--source "kite urban…"). If `--build-only` or `--sim-only` flags were NOT provided, this key will also be used to sign the final transaction. In that case, trying to sign with public key will fail + + Default value: `default` * `--global` — Use global config * `--config-dir ` — Location of config directory, default is "." * `--sign-with-key ` — Sign with a local key or key saved in OS secure storage. Can be an identity (--sign-with-key alice), a secret key (--sign-with-key SC36…), or a seed phrase (--sign-with-key "kite urban…"). If using seed phrase, `--hd-path` defaults to the `0` path @@ -1717,7 +1743,7 @@ Set, modify, or delete account data entries Send asset to destination account -**Usage:** `stellar tx new payment [OPTIONS] --source-account --destination --amount ` +**Usage:** `stellar tx new payment [OPTIONS] --destination --amount ` ###### **Options:** @@ -1732,6 +1758,8 @@ Send asset to destination account * `--network-passphrase ` — Network passphrase to sign the transaction sent to the rpc server * `-n`, `--network ` — Name of network to use from config * `-s`, `--source-account ` [alias: `source`] — Account that where transaction originates from. Alias `source`. Can be an identity (--source alice), a public key (--source GDKW...), a muxed account (--source MDA…), a secret key (--source SC36…), or a seed phrase (--source "kite urban…"). If `--build-only` or `--sim-only` flags were NOT provided, this key will also be used to sign the final transaction. In that case, trying to sign with public key will fail + + Default value: `default` * `--global` — Use global config * `--config-dir ` — Location of config directory, default is "." * `--sign-with-key ` — Sign with a local key or key saved in OS secure storage. Can be an identity (--sign-with-key alice), a secret key (--sign-with-key SC36…), or a seed phrase (--sign-with-key "kite urban…"). If using seed phrase, `--hd-path` defaults to the `0` path @@ -1750,7 +1778,7 @@ Send asset to destination account Set account options like flags, signers, and home domain -**Usage:** `stellar tx new set-options [OPTIONS] --source-account ` +**Usage:** `stellar tx new set-options [OPTIONS]` ###### **Options:** @@ -1765,6 +1793,8 @@ Set account options like flags, signers, and home domain * `--network-passphrase ` — Network passphrase to sign the transaction sent to the rpc server * `-n`, `--network ` — Name of network to use from config * `-s`, `--source-account ` [alias: `source`] — Account that where transaction originates from. Alias `source`. Can be an identity (--source alice), a public key (--source GDKW...), a muxed account (--source MDA…), a secret key (--source SC36…), or a seed phrase (--source "kite urban…"). If `--build-only` or `--sim-only` flags were NOT provided, this key will also be used to sign the final transaction. In that case, trying to sign with public key will fail + + Default value: `default` * `--global` — Use global config * `--config-dir ` — Location of config directory, default is "." * `--sign-with-key ` — Sign with a local key or key saved in OS secure storage. Can be an identity (--sign-with-key alice), a secret key (--sign-with-key SC36…), or a seed phrase (--sign-with-key "kite urban…"). If using seed phrase, `--hd-path` defaults to the `0` path @@ -1794,7 +1824,7 @@ Set account options like flags, signers, and home domain Configure authorization and trustline flags for an asset -**Usage:** `stellar tx new set-trustline-flags [OPTIONS] --source-account --trustor --asset ` +**Usage:** `stellar tx new set-trustline-flags [OPTIONS] --trustor --asset ` ###### **Options:** @@ -1809,6 +1839,8 @@ Configure authorization and trustline flags for an asset * `--network-passphrase ` — Network passphrase to sign the transaction sent to the rpc server * `-n`, `--network ` — Name of network to use from config * `-s`, `--source-account ` [alias: `source`] — Account that where transaction originates from. Alias `source`. Can be an identity (--source alice), a public key (--source GDKW...), a muxed account (--source MDA…), a secret key (--source SC36…), or a seed phrase (--source "kite urban…"). If `--build-only` or `--sim-only` flags were NOT provided, this key will also be used to sign the final transaction. In that case, trying to sign with public key will fail + + Default value: `default` * `--global` — Use global config * `--config-dir ` — Location of config directory, default is "." * `--sign-with-key ` — Sign with a local key or key saved in OS secure storage. Can be an identity (--sign-with-key alice), a secret key (--sign-with-key SC36…), or a seed phrase (--sign-with-key "kite urban…"). If using seed phrase, `--hd-path` defaults to the `0` path @@ -1863,7 +1895,7 @@ Add Operation to a transaction Transfer XLM balance to another account and remove source account -**Usage:** `stellar tx operation add account-merge [OPTIONS] --source-account --account [TX_XDR]` +**Usage:** `stellar tx operation add account-merge [OPTIONS] --account [TX_XDR]` ###### **Arguments:** @@ -1883,6 +1915,8 @@ Transfer XLM balance to another account and remove source account * `--network-passphrase ` — Network passphrase to sign the transaction sent to the rpc server * `-n`, `--network ` — Name of network to use from config * `-s`, `--source-account ` [alias: `source`] — Account that where transaction originates from. Alias `source`. Can be an identity (--source alice), a public key (--source GDKW...), a muxed account (--source MDA…), a secret key (--source SC36…), or a seed phrase (--source "kite urban…"). If `--build-only` or `--sim-only` flags were NOT provided, this key will also be used to sign the final transaction. In that case, trying to sign with public key will fail + + Default value: `default` * `--global` — Use global config * `--config-dir ` — Location of config directory, default is "." * `--sign-with-key ` — Sign with a local key or key saved in OS secure storage. Can be an identity (--sign-with-key alice), a secret key (--sign-with-key SC36…), or a seed phrase (--sign-with-key "kite urban…"). If using seed phrase, `--hd-path` defaults to the `0` path @@ -1897,7 +1931,7 @@ Transfer XLM balance to another account and remove source account Bump sequence number to invalidate older transactions -**Usage:** `stellar tx operation add bump-sequence [OPTIONS] --source-account --bump-to [TX_XDR]` +**Usage:** `stellar tx operation add bump-sequence [OPTIONS] --bump-to [TX_XDR]` ###### **Arguments:** @@ -1917,6 +1951,8 @@ Bump sequence number to invalidate older transactions * `--network-passphrase ` — Network passphrase to sign the transaction sent to the rpc server * `-n`, `--network ` — Name of network to use from config * `-s`, `--source-account ` [alias: `source`] — Account that where transaction originates from. Alias `source`. Can be an identity (--source alice), a public key (--source GDKW...), a muxed account (--source MDA…), a secret key (--source SC36…), or a seed phrase (--source "kite urban…"). If `--build-only` or `--sim-only` flags were NOT provided, this key will also be used to sign the final transaction. In that case, trying to sign with public key will fail + + Default value: `default` * `--global` — Use global config * `--config-dir ` — Location of config directory, default is "." * `--sign-with-key ` — Sign with a local key or key saved in OS secure storage. Can be an identity (--sign-with-key alice), a secret key (--sign-with-key SC36…), or a seed phrase (--sign-with-key "kite urban…"). If using seed phrase, `--hd-path` defaults to the `0` path @@ -1931,7 +1967,7 @@ Bump sequence number to invalidate older transactions Create, update, or delete a trustline -**Usage:** `stellar tx operation add change-trust [OPTIONS] --source-account --line [TX_XDR]` +**Usage:** `stellar tx operation add change-trust [OPTIONS] --line [TX_XDR]` ###### **Arguments:** @@ -1951,6 +1987,8 @@ Create, update, or delete a trustline * `--network-passphrase ` — Network passphrase to sign the transaction sent to the rpc server * `-n`, `--network ` — Name of network to use from config * `-s`, `--source-account ` [alias: `source`] — Account that where transaction originates from. Alias `source`. Can be an identity (--source alice), a public key (--source GDKW...), a muxed account (--source MDA…), a secret key (--source SC36…), or a seed phrase (--source "kite urban…"). If `--build-only` or `--sim-only` flags were NOT provided, this key will also be used to sign the final transaction. In that case, trying to sign with public key will fail + + Default value: `default` * `--global` — Use global config * `--config-dir ` — Location of config directory, default is "." * `--sign-with-key ` — Sign with a local key or key saved in OS secure storage. Can be an identity (--sign-with-key alice), a secret key (--sign-with-key SC36…), or a seed phrase (--sign-with-key "kite urban…"). If using seed phrase, `--hd-path` defaults to the `0` path @@ -1968,7 +2006,7 @@ Create, update, or delete a trustline Create and fund a new account -**Usage:** `stellar tx operation add create-account [OPTIONS] --source-account --destination [TX_XDR]` +**Usage:** `stellar tx operation add create-account [OPTIONS] --destination [TX_XDR]` ###### **Arguments:** @@ -1988,6 +2026,8 @@ Create and fund a new account * `--network-passphrase ` — Network passphrase to sign the transaction sent to the rpc server * `-n`, `--network ` — Name of network to use from config * `-s`, `--source-account ` [alias: `source`] — Account that where transaction originates from. Alias `source`. Can be an identity (--source alice), a public key (--source GDKW...), a muxed account (--source MDA…), a secret key (--source SC36…), or a seed phrase (--source "kite urban…"). If `--build-only` or `--sim-only` flags were NOT provided, this key will also be used to sign the final transaction. In that case, trying to sign with public key will fail + + Default value: `default` * `--global` — Use global config * `--config-dir ` — Location of config directory, default is "." * `--sign-with-key ` — Sign with a local key or key saved in OS secure storage. Can be an identity (--sign-with-key alice), a secret key (--sign-with-key SC36…), or a seed phrase (--sign-with-key "kite urban…"). If using seed phrase, `--hd-path` defaults to the `0` path @@ -2005,7 +2045,7 @@ Create and fund a new account Set, modify, or delete account data entries -**Usage:** `stellar tx operation add manage-data [OPTIONS] --source-account --data-name [TX_XDR]` +**Usage:** `stellar tx operation add manage-data [OPTIONS] --data-name [TX_XDR]` ###### **Arguments:** @@ -2025,6 +2065,8 @@ Set, modify, or delete account data entries * `--network-passphrase ` — Network passphrase to sign the transaction sent to the rpc server * `-n`, `--network ` — Name of network to use from config * `-s`, `--source-account ` [alias: `source`] — Account that where transaction originates from. Alias `source`. Can be an identity (--source alice), a public key (--source GDKW...), a muxed account (--source MDA…), a secret key (--source SC36…), or a seed phrase (--source "kite urban…"). If `--build-only` or `--sim-only` flags were NOT provided, this key will also be used to sign the final transaction. In that case, trying to sign with public key will fail + + Default value: `default` * `--global` — Use global config * `--config-dir ` — Location of config directory, default is "." * `--sign-with-key ` — Sign with a local key or key saved in OS secure storage. Can be an identity (--sign-with-key alice), a secret key (--sign-with-key SC36…), or a seed phrase (--sign-with-key "kite urban…"). If using seed phrase, `--hd-path` defaults to the `0` path @@ -2040,7 +2082,7 @@ Set, modify, or delete account data entries Send asset to destination account -**Usage:** `stellar tx operation add payment [OPTIONS] --source-account --destination --amount [TX_XDR]` +**Usage:** `stellar tx operation add payment [OPTIONS] --destination --amount [TX_XDR]` ###### **Arguments:** @@ -2060,6 +2102,8 @@ Send asset to destination account * `--network-passphrase ` — Network passphrase to sign the transaction sent to the rpc server * `-n`, `--network ` — Name of network to use from config * `-s`, `--source-account ` [alias: `source`] — Account that where transaction originates from. Alias `source`. Can be an identity (--source alice), a public key (--source GDKW...), a muxed account (--source MDA…), a secret key (--source SC36…), or a seed phrase (--source "kite urban…"). If `--build-only` or `--sim-only` flags were NOT provided, this key will also be used to sign the final transaction. In that case, trying to sign with public key will fail + + Default value: `default` * `--global` — Use global config * `--config-dir ` — Location of config directory, default is "." * `--sign-with-key ` — Sign with a local key or key saved in OS secure storage. Can be an identity (--sign-with-key alice), a secret key (--sign-with-key SC36…), or a seed phrase (--sign-with-key "kite urban…"). If using seed phrase, `--hd-path` defaults to the `0` path @@ -2078,7 +2122,7 @@ Send asset to destination account Set account options like flags, signers, and home domain -**Usage:** `stellar tx operation add set-options [OPTIONS] --source-account [TX_XDR]` +**Usage:** `stellar tx operation add set-options [OPTIONS] [TX_XDR]` ###### **Arguments:** @@ -2098,6 +2142,8 @@ Set account options like flags, signers, and home domain * `--network-passphrase ` — Network passphrase to sign the transaction sent to the rpc server * `-n`, `--network ` — Name of network to use from config * `-s`, `--source-account ` [alias: `source`] — Account that where transaction originates from. Alias `source`. Can be an identity (--source alice), a public key (--source GDKW...), a muxed account (--source MDA…), a secret key (--source SC36…), or a seed phrase (--source "kite urban…"). If `--build-only` or `--sim-only` flags were NOT provided, this key will also be used to sign the final transaction. In that case, trying to sign with public key will fail + + Default value: `default` * `--global` — Use global config * `--config-dir ` — Location of config directory, default is "." * `--sign-with-key ` — Sign with a local key or key saved in OS secure storage. Can be an identity (--sign-with-key alice), a secret key (--sign-with-key SC36…), or a seed phrase (--sign-with-key "kite urban…"). If using seed phrase, `--hd-path` defaults to the `0` path @@ -2127,7 +2173,7 @@ Set account options like flags, signers, and home domain Configure authorization and trustline flags for an asset -**Usage:** `stellar tx operation add set-trustline-flags [OPTIONS] --source-account --trustor --asset [TX_XDR]` +**Usage:** `stellar tx operation add set-trustline-flags [OPTIONS] --trustor --asset [TX_XDR]` ###### **Arguments:** @@ -2147,6 +2193,8 @@ Configure authorization and trustline flags for an asset * `--network-passphrase ` — Network passphrase to sign the transaction sent to the rpc server * `-n`, `--network ` — Name of network to use from config * `-s`, `--source-account ` [alias: `source`] — Account that where transaction originates from. Alias `source`. Can be an identity (--source alice), a public key (--source GDKW...), a muxed account (--source MDA…), a secret key (--source SC36…), or a seed phrase (--source "kite urban…"). If `--build-only` or `--sim-only` flags were NOT provided, this key will also be used to sign the final transaction. In that case, trying to sign with public key will fail + + Default value: `default` * `--global` — Use global config * `--config-dir ` — Location of config directory, default is "." * `--sign-with-key ` — Sign with a local key or key saved in OS secure storage. Can be an identity (--sign-with-key alice), a secret key (--sign-with-key SC36…), or a seed phrase (--sign-with-key "kite urban…"). If using seed phrase, `--hd-path` defaults to the `0` path @@ -2214,7 +2262,7 @@ Sign a transaction envelope appending the signature to the envelope Simulate a transaction envelope from stdin -**Usage:** `stellar tx simulate [OPTIONS] --source-account [TX_XDR]` +**Usage:** `stellar tx simulate [OPTIONS] [TX_XDR]` ###### **Arguments:** @@ -2227,6 +2275,8 @@ Simulate a transaction envelope from stdin * `--network-passphrase ` — Network passphrase to sign the transaction sent to the rpc server * `-n`, `--network ` — Name of network to use from config * `-s`, `--source-account ` [alias: `source`] — Account that where transaction originates from. Alias `source`. Can be an identity (--source alice), a public key (--source GDKW...), a muxed account (--source MDA…), a secret key (--source SC36…), or a seed phrase (--source "kite urban…"). If `--build-only` or `--sim-only` flags were NOT provided, this key will also be used to sign the final transaction. In that case, trying to sign with public key will fail + + Default value: `default` * `--global` — Use global config * `--config-dir ` — Location of config directory, default is "." * `--sign-with-key ` — Sign with a local key or key saved in OS secure storage. Can be an identity (--sign-with-key alice), a secret key (--sign-with-key SC36…), or a seed phrase (--sign-with-key "kite urban…"). If using seed phrase, `--hd-path` defaults to the `0` path From 131b991047bb84b211aa07bed7267838a9fae3fe Mon Sep 17 00:00:00 2001 From: Hakeem Kazeem Date: Sun, 27 Jul 2025 19:33:49 +0100 Subject: [PATCH 6/6] rndomly generate a key, no fixed test key --- cmd/soroban-cli/src/config/mod.rs | 45 +++++++++++++++---------------- 1 file changed, 21 insertions(+), 24 deletions(-) diff --git a/cmd/soroban-cli/src/config/mod.rs b/cmd/soroban-cli/src/config/mod.rs index 5aac3fa4a0..f1767ec9b1 100644 --- a/cmd/soroban-cli/src/config/mod.rs +++ b/cmd/soroban-cli/src/config/mod.rs @@ -85,30 +85,27 @@ impl Args { match &self.source_account { Some(UnresolvedMuxedAccount::AliasOrSecret(alias)) if alias == "default" => { let default_name = KeyName("default".to_string()); - if self.locator.read_identity(&default_name).is_err() { - println!("Generating new default account"); - let network = self.network.get(&self.locator)?; - let should_fund = network.network_passphrase == network::passphrase::TESTNET; - let generate_cmd = generate::Cmd { - name: default_name.clone(), - // #[cfg(feature = "version_lt_23")] - // no_fund: !should_fund, - seed: None, // Random seed for security - as_secret: false, - secure_store: false, - config_locator: self.locator.clone(), - hd_path: None, - network: self.network.clone(), - fund: should_fund, - overwrite: false, // Prevent overwriting - }; - let _ = generate_cmd - .run(&global::Args { - quiet: true, - ..Default::default() - }) - .await; - } + let network = self.network.get(&self.locator)?; + let should_fund = network.network_passphrase == network::passphrase::TESTNET; + let generate_cmd = generate::Cmd { + name: default_name.clone(), + // #[cfg(feature = "version_lt_23")] + // no_fund: !should_fund, + seed: None, // Random seed for security + as_secret: false, + secure_store: false, + config_locator: self.locator.clone(), + hd_path: None, + network: self.network.clone(), + fund: should_fund, + overwrite: true, + }; + let _ = generate_cmd + .run(&global::Args { + quiet: true, + ..Default::default() + }) + .await; Ok(UnresolvedMuxedAccount::AliasOrSecret("default".to_string()) .resolve_muxed_account(&self.locator, self.hd_path()) .await?)