Witness collection with policy error
Closed this issue · 11 comments
$ cardano-hw-cli transaction witness --tx-body-file /tmp/funds.txbody --hw-signing-file assets/hwpolicy.policy.hwsfile --testnet-magic 8 --out-file /tmp/hwpolicy.witness
Error: Missing payment hardware signing file
$ cat assets/hwpolicy.policy.hwsfile
{
"type": "PaymentHWSigningFileShelley_ed25519",
"description": "Payment Hardware Signing File",
"path": "1855H/1815H/0H",
"cborXPubKeyHex": "58403812865f6859c42eb1eb8ab93c8f0e8783be193d8ef5fe257b567f31b47576c23707c93f6e14b65e174e586993abe87a14bb61fc159af72675d88d013a747563"
}
$ cardano-hw-cli version
Cardano HW CLI Tool version 1.8.0-rc0
Commit hash: 477ae160f0ff2a1515b1709d641f21e9047b58d3Btw, minting and burning Assets directly on the hw-ledger-address is working fine now when using a cli-key based policy.
But trying to generate a witness with a hw-key based policy - which was generated before without a problem- results in an error. Looks like the hw-cli and/or the cardano-app doesn't see the 1855H/1815H/0H path as a correct payment path?
When i try to use also a paymentkey on the same hw-ledger for the witness generation, it goes thru the gui but fails at the end with the following error:
$cardano-hw-cli transaction witness --tx-body-file /tmp/ledger-red.payment.txbody --hw-signing-file assets/hw-nft-policy.policy.hwsfile --hw-signing-file ledger-red.payment.hwsfile --testnet-magic 8 --out-file /tmp/hw-nft-policy.witness
Error: The "path" argument must be of type string or an instance of Buffer or URL. Received undefinedSo something is wrong here... i don't think that it is needed that you have both the policy-key and the payment-key on the same hw-ledger?
@DavidTranDucVL or @janmazak do you have a hint for me?
Try v1.8.0 of hw-cli:
#98
I've messed up the pre-release of ledgerjs on which hw-cli was dependent, but it should be fixed now
(https://github.com/vacuumlabs/ledgerjs-cardano-shelley/releases/download/v4.0.0-multisig-rc5/cardano-foundation-ledgerjs-hw-app-cardano-v4.0.0-rc5.tgz).
@KubqoA said it should make your problem disappear.
Hey @gitmachtl, here is prerelease of the version @janmazak mentioned:
https://github.com/vacuumlabs/cardano-hw-cli/releases/tag/v1.8.0-rc0
@janmazak @DavidTranDucVL Hi thx, but as you can see in my first post, thats exactly the version i used for the testing before. Didn't solve the problem, still getting the "Missing payment hardware signing file" error. I have tried various version of the ledger-app-cardano-shelley. Can you point me to the one that should work? I am sure i have tried all multisig, master, develop versions but maybe i have missed the right one.
When i try to play around with the path in the policy.hwsfile which should be
1855H/1815H/0H
and i change it to things like:
1855H/1815H/0
1855H/1815H/0H/0
1855H/1815H/0H/0/0
The ledger goes thru the whole witness signing, but at the end the hw-cli ends with a "Action rejected by Ledger's security policy" message.
@janmazak @DavidTranDucVL ok, got it working, but the hw-cli is missing some stuff... i made some fast changes to the src/crypto-providers/util.ts file. please give it a deeper look, here is the link to the PR, if there is a mint-key, it should not throw a paymentKeyMissing Error, also the mint and multisig keys were missing in the filter.
PR -> #103
Do you plan to use paths like 1855H/1815H/0H/0/0? Such paths do not conform to https://cips.cardano.org/cips/cip1855/, so HW wallets do not accept them.
Do you plan to use paths like
1855H/1815H/0H/0/0? Such paths do not conform to https://cips.cardano.org/cips/cip1855/, so HW wallets do not accept them.
No, i was just trying to figure out why the hw-cli was throwing the error. Not using any other path then 1855H/1815H/0H. But there were some commands missing in the hw-cli.
Sorry for the delay, if I understand correctly, the issue is that when trying to produce a policy witness it fails because it requires a payment witness as well. I think this is also related to #88. With multisig we allowed creating separate witnesses for multisig signing files, e.g. paths beginning with 1854.
However, I believe we can also allow witnessing for non-multisig transactions in a similar way.
Had a look at your PR #103, but I believe we can fix it in a better way. I will try to draft a solution and I will ping you after.
Sorry for the delay, if I understand correctly, the issue is that when trying to produce a policy witness it fails because it requires a payment witness as well. I think this is also related to #88. With multisig we allowed creating separate witnesses for multisig signing files, e.g. paths beginning with 1854. However, I believe we can also allow witnessing for non-multisig transactions in a similar way. Had a look at your PR #103, but I believe we can fix it in a better way. I will try to draft a solution and I will ping you after.
Thx for the answer. Yes the problem was that collecting the policy witness did not work because hw-cli did not see a payment key within that witness generation so it throw an error. I just did a little modification so it would only throw an error if there is no payment AND no minting key provided. But yes, please take a deeper look at it. With a minting transaction that contains a hw-based policy key, its a bit hard to identify what the user wants to do i guess. Because in a simple example you would need of course to just collect the policy key witness and later the payment key witness. A solution would be to introduce a new parameter to identify the intention like --mint-hw-signing-file or so. And the witness command need than the normal --hw-signing-file or the --mint-hw-signing-file. Or maybe, the solution to check about them like in my little PR is good enough.
I am closing this issue now, was resolved. 👍