Multi-sig signing of ContractUpdate transactions

[DOBEN]

Task description

Concordium has support for native multi-sig accounts. The goal is to make this feature easily accessible. In particular, person A should be able to sign (not sign and send) a transaction with concordium-client and person B should be able to append/pass-in its own signature when signing_and_sending a transaction on-chain.

Using the multi-sig accounts feature via SDK is currently possible (a bit hacky): https://gist.github.com/DOBEN/683fe1a7c82a0551546a7ec242d30cc0

Related to: https://github.com/Concordium/concordium-client/issues/38

[abizjak]

I think this is a duplicate of #38 not just related to it.

What I imagined would be simplest and would work reasonably well is to be able to do the following

concordium-client contract update/send --signers 0:1,0:2,0:3 --tx-out output.bin/json

where the client will tell you "we don't have signers 0:2 and 0:3, the output is only a partially signed transaction.

Then we would add an additonal subcommand to transaction, something like

concordium-client transaction add-signature output.bin --signer 0:2 --tx-out signed-tx.bin

This would display the partially signed transaction output.bin and ask the user to sign it.

So this would work generically for any transaction.

[DOBEN]

The full flow would be:

Step 1:

I suggest adding an optional --no-submit flag to toggle between sending or NOT sending the transaction on-chain:

concordium-client contract update --signers 0:1,0:2,0:3 --tx-out output.bin/json --no-submit

Alternativly, adding a new sign command to all transaction types that will NOT send the transaction on-chain would also work:

concordium-client contract sign --signers 0:1,0:2,0:3 --tx-out output.bin/json

Step 2:

Adding additional signatures with

concordium-client transaction add-signature output.bin --signer 0:2 --tx-out signed-tx.bin/signed-tx.json

Step 3:

Submitting the fully signed transaction on chain:

concordium-client transaction submit signed-tx.bin

[abizjak]

So the issue is that you will then need multiple "sign" commands, because the transactions are not all under the "transaction" command, e.g., contract updates are under contract, baker stuff is under baker. I don't think this is a good solution.

We already have almost all the options with the existing commands, so it's better to refine it. It'll also be much more straightforward to implement because all "transaction" command share the same command line parser and options.

[DOBEN]

The introduction of the sign command was an alternative solution to avoid using an extra --no-submit flag but it would mean a lot more code (since we need to add an extra subcommand sign for every type of transaction that we have). To simplify the task, let's go with just an optional flag --outFile.

The current flow would be:

Step 1:

Signig the transaction but not sending it on-chain

concordium-client contract update --signers "0:1,0:2,0:3" --outFile signed-tx.json

Step 2:

Adding additional signatures with

concordium-client transaction add-signature signed-tx.json --signer "0:2"

Step 3:

Submitting the fully signed transaction on-chain:

concordium-client transaction submit signed-tx.json

[DOBEN]

closing since it is implemented now