The Chorus One Staking CLI is a tool designed to simplify the process of staking or unstaking tokens on variety of blockchain networks.
Under the hood, our staking CLI is based on the Chorus One SDK, therefore you can expect the CLI to support all the networks provided by our SDK.
As of now the CLI supports staking for the following networks:
- Cosmos ecosystem - Networks based on the Cosmos-SDK, for instance: Cosmos Hub, Celestia, Dydx, and more
- Substrate ecosystem - Networks based on the Substrate framework, for instance: Polkadot and Kusama
- Avalanche
- Ethereum
- Solana
- TON
- NEAR
The CLI allows you to sign staking transactions with a Local, or Fireblocks signer which you specify by -s <signer>
flag (default: fireblocks).
Here's a brief overview of the signing flow:
- The CLI parses the configuration file (
config.json
) to gather necessary information such as delegator and validator accounts, gas price etc. - The CLI calls the remote blockchain RPC endpoint to fetch data about the delegator account.
- The CLI calls the signer to retrieve wallet information.
- Based on the RPC response and configuration, the CLI builds an unsigned transaction and prompts the user to approve its signing.
- Upon user approval, the CLI sends the unsigned transaction to the Signer for signing.
- Once the signing response is received, the CLI crafts a blockchain compatible signed transaction using the response data (Public Key and Signature).
- The signed transaction is displayed on the screen and the user is prompted to broadcast the transaction to the network (if the
--broadcast
flag was set). - Upon user approval, the transaction is broadcast through the blockchain RPC and the transaction details are printed on the screen.
In addition to the above, the signed and unsigned transactions are stored in journal.log
for troubleshooting purposes.
{% hint style="info" %}
Note: It is recommended to remove the journal.log
once the intended transactions are executed.
To disable the journal function, use --journal false
{% endhint %}
Before using the CLI, you need to prepare a configuration file with the signer (eg. Firelbocks) wallet account information.
- Fireblocks Signer: You can refer to the Fireblocks API documentation for instructions on how to create an API account.
- For Local Signer: Simply store your mnemonic in the file on the disk and point the configuration to it.
You must instruct the CLI where it can find the Fireblocks API and secret key you have generated via the Fireblocks UI:
-
fireblocks_api_key
: This file contains the API key in the format<hex>-<hex>-<hex>-<hex>-<hex>
. -
fireblocks_secret_key
: This file contains the private key from the CSR generation process. The content of this file likely starts with-----BEGIN PRIVATE KEY-----
.
Example Configuration:
"fireblocks": {
"apiSecretKeyPath": "./fireblocks_secret_key",
"apiKeyPath": "./fireblocks_api_key",
"vaultName": "celestia-wallet",
"assetId": "CELESTIA_TEST"
}
The local signer reads the mnemonic from the disk. In addition, depending on the network, you may need to provide the address deriviation path for the acocunt you wish to sign with.
"localsigner": {
"mnemonicPath": "./mnemonic",
"accounts": [
{
"hdPath": "m/44'/118'/0'/0/0"
}
]
},
To install the necessary dependencies, run the following command using npm:
$ npm install @chorus-one/staking-cli --save --global
Proper configuration is crucial for the tool to function correctly. You should ensure that your configuration file (config.json
) is accurate.
- An example configuration can be found in
config.example.json
.
The most important fields in the configuration are the addresses:
-
validatorAddress
: This is the address of the validator account you want to interact with (e.g. delegate, undelegate, etc.). -
delegatorAddress
: This is the address of your Fireblocks custodied account. You will delegate from this account to the validator account.
There are a few important security measures you should take into account:
- Do not share your Fireblocks API authentication keys with anyone.
- Ensure that you have a proper Transaction Authorization Policy in place. Access to a given vault should be limited for the API account.
- Always review the transaction contents before signing.
This program is provided under the terms of the Apache 2.0 License. See the LICENSE
file for more information.