feat(hwi): add hwi sign subcommand

- add signing psbt with hardware wallet

Author: tvpeter

Cargo.lock

@@ -127,6 +127,14 @@ pub enum CliSubCommand {
         /// Optional key: xprv, xpub, or mnemonic phrase
         key: Option<String>,
     },
+    /// Hardware wallet interface operations.
+    #[cfg(feature = "hwi")]
+    Hwi {
+        #[command(flatten)]
+        wallet_opts: WalletOpts,
+        #[clap(subcommand)]
+        subcommand: HwiSubCommand,
+    },
 }
 /// Wallet operation subcommands.
 #[derive(Debug, Subcommand, Clone, PartialEq)]
@@ -396,12 +404,6 @@ pub enum OfflineWalletSubCommand {
         #[arg(env = "BASE64_PSBT", required = true)]
         psbt: Vec<String>,
     },
-    #[cfg(feature = "hwi")]
-    /// Hardware wallet interface operations.
-    Hwi {
-        #[clap(subcommand)]
-        subcommand: HwiSubCommand,
-    },
 }
 
 /// Wallet subcommands that needs a blockchain backend.
@@ -490,6 +492,11 @@ pub enum HwiSubCommand {
     Register,
     /// Generate address
     Address,
+    /// Sign PSBT with hardware wallet
+    Sign {
+        /// The base64-encoded PSBT to sign
+        psbt: String,
+    },
 }
 
 /// Subcommands available in REPL mode.

src/commands.rs

@@ -21,6 +21,8 @@ use bdk_redb::Store as RedbStore;
 use bdk_wallet::bip39::{Language, Mnemonic};
 use bdk_wallet::bitcoin::base64::Engine;
 use bdk_wallet::bitcoin::base64::prelude::BASE64_STANDARD;
+#[cfg(feature = "hwi")]
+use bdk_wallet::bitcoin::hex::DisplayHex;
 use bdk_wallet::bitcoin::{
     Address, Amount, FeeRate, Network, Psbt, Sequence, Txid,
     bip32::{DerivationPath, KeySource},
@@ -29,8 +31,6 @@ use bdk_wallet::bitcoin::{
     secp256k1::Secp256k1,
 };
 use bdk_wallet::chain::ChainPosition;
-#[cfg(feature = "hwi")]
-use bdk_wallet::bitcoin::hex::DisplayHex;
 use bdk_wallet::descriptor::Segwitv0;
 use bdk_wallet::keys::{
     DerivableKey, DescriptorKey, DescriptorKey::Secret, ExtendedKey, GeneratableKey, GeneratedKey,
@@ -88,7 +88,7 @@ const NUMS_UNSPENDABLE_KEY_HEX: &str =
 /// Execute an offline wallet sub-command
 ///
 /// Offline wallet sub-commands are described in [`OfflineWalletSubCommand`].
-pub async fn handle_offline_wallet_subcommand(
+pub fn handle_offline_wallet_subcommand(
     wallet: &mut Wallet,
     wallet_opts: &WalletOpts,
     cli_opts: &CliOpts,
@@ -582,56 +582,6 @@ pub async fn handle_offline_wallet_subcommand(
                 &json!({ "psbt": BASE64_STANDARD.encode(final_psbt.serialize()) }),
             )?)
         }
-        #[cfg(feature = "hwi")]
-        Hwi { subcommand } => match subcommand {
-            HwiSubCommand::Devices => {
-                let device = crate::utils::connect_to_hardware_wallet(
-                    wallet.network(),
-                    wallet_opts,
-                    Some(wallet),
-                )
-                .await?;
-                let device = if let Some(device) = device {
-                    json!({
-                        "type": device.device_kind().to_string(),
-                        "fingerprint": device.get_master_fingerprint().await?.to_string(),
-                        "model": device.device_kind().to_string(),
-                    })
-                } else {
-                    json!(null)
-                };
-                Ok(json!({ "devices": device }))
-            }
-            HwiSubCommand::Register => {
-                let policy = wallet_opts.ext_descriptor.clone().ok_or_else(|| {
-                    Error::Generic(
-                        "External descriptor required for wallet registration".to_string(),
-                    )
-                })?;
-                let wallet_name = wallet_opts.wallet.clone().ok_or_else(|| {
-                    Error::Generic("Wallet name is required for wallet registration".to_string())
-                })?;
-
-                let device = crate::utils::connect_to_hardware_wallet(
-                    wallet.network(),
-                    wallet_opts,
-                    Some(wallet),
-                )
-                .await?;
-                let hmac = if let Some(device) = device {
-                    let hmac = device.register_wallet(&wallet_name, &policy).await?;
-                    hmac.map(|h| h.to_lower_hex_string())
-                } else {
-                    None
-                };
-                //TODO: return status of wallet registration
-                Ok(json!({ "hmac": hmac }))
-            }
-            HwiSubCommand::Address => {
-                let address = wallet.next_unused_address(KeychainKind::External);
-                Ok(json!({ "address": address.address }))
-            }
-        },
     }
 }
 
@@ -1096,6 +1046,138 @@ pub(crate) fn handle_compile_subcommand(
     }
 }
 
+/// Handle hardware wallet operations
+#[cfg(feature = "hwi")]
+pub async fn handle_hwi_subcommand(
+    network: Network,
+    wallet_opts: &WalletOpts,
+    subcommand: HwiSubCommand,
+) -> Result<serde_json::Value, Error> {
+    match subcommand {
+        HwiSubCommand::Devices => {
+            let devices = crate::utils::connect_to_hardware_wallet(
+                wallet.network(),
+                wallet_opts,
+                Some(wallet),
+            )
+            .await?;
+            let device = if let Some(device) = device {
+                json!({
+                    "type": device.device_kind().to_string(),
+                    "fingerprint": device.get_master_fingerprint().await?.to_string(),
+                    "model": device.device_kind().to_string(),
+                })
+            } else {
+                json!(null)
+            };
+            Ok(json!({ "devices": device }))
+        }
+        HwiSubCommand::Register => {
+            let policy = wallet_opts.ext_descriptor.clone().ok_or_else(|| {
+                Error::Generic("External descriptor required for wallet registration".to_string())
+            })?;
+            let wallet_name = wallet_opts.wallet.clone().ok_or_else(|| {
+                Error::Generic("Wallet name is required for wallet registration".to_string())
+            })?;
+
+            let home_dir = prepare_home_dir(None)?;
+            let database_path = prepare_wallet_db_dir(&wallet_opts.wallet, &home_dir)?;
+            #[cfg(feature = "sqlite")]
+            let wallet = {
+                let mut persister = match &wallet_opts.database_type {
+                    DatabaseType::Sqlite => {
+                        let db_file = database_path.join("wallet.sqlite");
+                        let connection = Connection::open(db_file)?;
+                        log::debug!("Sqlite database opened successfully");
+                        connection
+                    }
+                };
+                let mut wallet = new_persisted_wallet(network, &mut persister, wallet_opts)?;
+                wallet.persist(&mut persister)?;
+                wallet
+            };
+            #[cfg(not(feature = "sqlite"))]
+            let wallet = new_wallet(network, wallet_opts)?;
+
+            let device = crate::utils::connect_to_hardware_wallet(
+                wallet.network(),
+                wallet_opts,
+                Some(wallet),
+            )
+            .await?;
+            let hmac = if let Some(device) = device {
+                let hmac = device.register_wallet(&wallet_name, &policy).await?;
+                hmac.map(|h| h.to_lower_hex_string())
+            } else {
+                None
+            };
+            Ok(json!({ "hmac": hmac }))
+        }
+        HwiSubCommand::Address => {
+            let home_dir = prepare_home_dir(None)?;
+            let database_path = prepare_wallet_db_dir(&wallet_opts.wallet, &home_dir)?;
+            #[cfg(feature = "sqlite")]
+            let wallet = {
+                let mut persister = match &wallet_opts.database_type {
+                    DatabaseType::Sqlite => {
+                        let db_file = database_path.join("wallet.sqlite");
+                        let connection = Connection::open(db_file)?;
+                        log::debug!("Sqlite database opened successfully");
+                        connection
+                    }
+                };
+                let mut wallet = new_persisted_wallet(network, &mut persister, wallet_opts)?;
+                wallet.persist(&mut persister)?;
+                wallet
+            };
+            #[cfg(not(feature = "sqlite"))]
+            let wallet = new_wallet(network, wallet_opts)?;
+
+            let address = wallet.next_unused_address(KeychainKind::External);
+            Ok(json!({ "address": address.address }))
+        }
+        HwiSubCommand::Sign { psbt } => {
+            let home_dir = prepare_home_dir(None)?;
+            let database_path = prepare_wallet_db_dir(&wallet_opts.wallet, &home_dir)?;
+            #[cfg(feature = "sqlite")]
+            let wallet = {
+                let mut persister = match &wallet_opts.database_type {
+                    DatabaseType::Sqlite => {
+                        let db_file = database_path.join("wallet.sqlite");
+                        let connection = Connection::open(db_file)?;
+                        log::debug!("Sqlite database opened successfully");
+                        connection
+                    }
+                };
+                let mut wallet = new_persisted_wallet(network, &mut persister, wallet_opts)?;
+                wallet.persist(&mut persister)?;
+                wallet
+            };
+            #[cfg(not(feature = "sqlite"))]
+            let wallet = new_wallet(network, wallet_opts)?;
+
+            let mut psbt = Psbt::from_str(&psbt)
+                .map_err(|e| Error::Generic(format!("Failed to parse PSBT: {e}")))?;
+            let device = crate::utils::connect_to_hardware_wallet(
+                wallet.network(),
+                wallet_opts,
+                Some(wallet),
+            )
+            .await?;
+            let signed_psbt = if let Some(device) = device {
+                device
+                    .sign_tx(&mut psbt)
+                    .await
+                    .map_err(|e| Error::Generic(format!("Failed to sign PSBT: {e}")))?;
+                Some(psbt.to_string())
+            } else {
+                None
+            };
+            Ok(json!({ "psbt": signed_psbt }))
+        }
+    }
+}
+
 /// The global top level handler.
 pub(crate) async fn handle_command(cli_opts: CliOpts) -> Result<String, Error> {
     let network = cli_opts.network;
@@ -1197,9 +1279,12 @@ pub(crate) async fn handle_command(cli_opts: CliOpts) -> Result<String, Error> {
                 };
 
                 let mut wallet = new_persisted_wallet(network, &mut persister, wallet_opts)?;
-                let result =
-                    handle_offline_wallet_subcommand(&mut wallet, wallet_opts, &cli_opts, offline_subcommand.clone())
-                        .await?;
+                let result = handle_offline_wallet_subcommand(
+                    &mut wallet,
+                    wallet_opts,
+                    &cli_opts,
+                    offline_subcommand.clone(),
+                );
                 wallet.persist(&mut persister)?;
                 result
             };
@@ -1213,7 +1298,7 @@ pub(crate) async fn handle_command(cli_opts: CliOpts) -> Result<String, Error> {
                     offline_subcommand.clone(),
                 )?
             };
-            Ok(result)
+            Ok(result?)
         }
         CliSubCommand::Key {
             subcommand: key_subcommand,
@@ -1345,9 +1430,9 @@ async fn respond(
         ReplSubCommand::Wallet {
             subcommand: WalletSubCommand::OfflineWalletSubCommand(offline_subcommand),
         } => {
-            let value = handle_offline_wallet_subcommand(wallet, wallet_opts, cli_opts, offline_subcommand)
-                .await
-                .map_err(|e| e.to_string())?;
+            let value =
+                handle_offline_wallet_subcommand(wallet, wallet_opts, cli_opts, offline_subcommand)
+                    .map_err(|e| e.to_string())?;
             Some(value)
         }
         ReplSubCommand::Key { subcommand } => {

src/handlers.rs

@@ -23,6 +23,7 @@ use bdk_kyoto::{
     BuilderExt, Info, LightClient, Receiver, ScanType::Sync, UnboundedReceiver, Warning,
     builder::Builder,
 };
+use bdk_wallet::bitcoin::{Address, Network, OutPoint, ScriptBuf};
 use bdk_wallet::{
     KeychainKind,
     bitcoin::bip32::{DerivationPath, Xpub},
@@ -34,17 +35,16 @@ use bdk_wallet::{
     template::DescriptorTemplate,
 };
 use cli_table::{Cell, CellStruct, Style, Table};
-use bdk_wallet::bitcoin::{Address, Network, OutPoint, ScriptBuf};
 #[cfg(feature = "hwi")]
 use {
     async_hwi::jade::{self, Jade},
     async_hwi::ledger::{HidApi, LedgerSimulator},
     async_hwi::specter::{Specter, SpecterSimulator},
+    async_hwi::{HWI, coldcard},
     async_hwi::{
         bitbox::api::runtime,
         bitbox::{BitBox02, PairingBitbox02WithLocalCache},
     },
-    async_hwi::{coldcard, HWI},
 };
 
 #[cfg(any(
@@ -644,7 +644,7 @@ pub fn format_descriptor_output(result: &Value, pretty: bool) -> Result<String,
     Ok(format!("{table}"))
 }
 
-#[cfg(feature="hwi")]
+#[cfg(feature = "hwi")]
 pub async fn connect_to_hardware_wallet(
     network: Network,
     wallet_opts: &WalletOpts,