multisig icon indicating copy to clipboard operation
multisig copied to clipboard
verified publisher icon informalsystems

Check if key is part of multisig before signing

Open ebuchman opened this issue 3 years ago • 2 comments

This is ultimately an issue for the SDK but maybe there's something we can do in the meantime in multisig: https://github.com/cosmos/cosmos-sdk/issues/12328

ebuchman avatar Jun 21 '22 18:06 ebuchman

possibly use the keys show [multisig address] cli command and parse it

andynog avatar Jun 21 '22 18:06 andynog

I have a little concern regarding using the keys show command. The thing is that if the keyring (or several of its elements) is password-protected (which might be a case for at least some users), even reading information about multisig might require password typing. Requiring typing passwords more times than it really necessary just for additional checks can bother users. My proposal is to try getting data on-chain (via query account [multisig address]) by default. For multisig accounts this command returns the list of pubkeys so one can check if a specific address belongs to multisig. Pros:

  1. Doesn't require keyring access
  2. Reliable way of getting data

Cons:

  1. Requires having an access to an RPC
  2. Requires multisig to have at least one transaction

So, my idea is that multisig tool can try to access data from the chain and if it fails (because of lack of RPC access or present transactions) then use data from the keyring.

oldremez avatar Aug 19 '22 16:08 oldremez