Closed DOBEN closed 3 months ago
I think this is a duplicate of #38 not just related to it.
What I imagined would be simplest and would work reasonably well is to be able to do the following
concordium-client contract update/send --signers 0:1,0:2,0:3 --tx-out output.bin/json
where the client will tell you "we don't have signers 0:2 and 0:3, the output is only a partially signed transaction.
Then we would add an additonal subcommand to transaction
, something like
concordium-client transaction add-signature output.bin --signer 0:2 --tx-out signed-tx.bin
This would display the partially signed transaction output.bin
and ask the user to sign it.
So this would work generically for any transaction.
The full flow would be:
Step 1:
I suggest adding an optional --no-submit
flag to toggle between sending or NOT sending the transaction on-chain:
concordium-client contract update --signers 0:1,0:2,0:3 --tx-out output.bin/json --no-submit
Alternativly, adding a new sign
command to all transaction types that will NOT send the transaction on-chain would also work:
concordium-client contract sign --signers 0:1,0:2,0:3 --tx-out output.bin/json
Step 2:
Adding additional signatures with
concordium-client transaction add-signature output.bin --signer 0:2 --tx-out signed-tx.bin/signed-tx.json
Step 3:
Submitting the fully signed transaction on chain:
concordium-client transaction submit signed-tx.bin
So the issue is that you will then need multiple "sign" commands, because the transactions are not all under the "transaction" command, e.g., contract updates are under contract, baker stuff is under baker. I don't think this is a good solution.
We already have almost all the options with the existing commands, so it's better to refine it. It'll also be much more straightforward to implement because all "transaction" command share the same command line parser and options.
The introduction of the sign
command was an alternative solution to avoid using an extra --no-submit
flag but it would mean a lot more code (since we need to add an extra subcommand sign
for every type of transaction that we have). To simplify the task, let's go with just an optional flag --outFile
.
The current flow would be:
Step 1:
Signig the transaction but not sending it on-chain
concordium-client contract update --signers "0:1,0:2,0:3" --outFile signed-tx.json
Step 2:
Adding additional signatures with
concordium-client transaction add-signature signed-tx.json --signer "0:2"
Step 3:
Submitting the fully signed transaction on-chain:
concordium-client transaction submit signed-tx.json
closing since it is implemented now
Task description
Concordium has support for native multi-sig accounts. The goal is to make this feature easily accessible. In particular, person A should be able to sign (not sign and send) a transaction with
concordium-client
and person B should be able to append/pass-in its own signature when signing_and_sending a transaction on-chain.Using the multi-sig accounts feature via SDK is currently possible (a bit hacky): https://gist.github.com/DOBEN/683fe1a7c82a0551546a7ec242d30cc0
Related to: https://github.com/Concordium/concordium-client/issues/38