Solana CLI Offline Transactions not working

[gernotpokorny]

Problem

Hello,

I tried a few things with the Solana CLI like, creating a wallet, delegate, transfer and so on and it works fine so far, but what is clearly not working are offline transactions.

This is the verion that I'm running.

$ solana --version
solana-cli 1.16.23 (src:85e3058b; feat:4033350765, client:SolanaLabs)

The first thing I did was create a paper wallet as described here.

First of all what is recipient-keypair.json? Why would I need to specify a keypair (secret and public key if I understand correctly) of the recipient, why not just the public key? In my example I specify the public key instead, because I do not have the private key of the recipient for example if it is an exchange.

Then when I follow the docs which describe offline transactions like this

solana transfer --sign-only --blockhash <blockhash> <recipient-public-key> 0.01

then I get the following error.

Error: Dynamic program error: No default signer found, run "solana-keygen new -o /home/gernot/.config/solana/id.json" to create a new one

Ok, I guess I need to specify --from and --fee-payer right, because I'm using a paperwallet, right? This is what I do now.

solana transfer --from prompt:// --fee-payer  prompt:// --sign-only --blockhash <blockhash> <recipient-public-key> 0.01

then I get an output and no error and an output

Blockhash: <some-hash>
Signers (Pubkey=Signature):
 <some-string>

Then when I try to broadcast the transaction the problem arises. When I do the following as described in the Submitting Offline Signed Transactions to the Network docs, but instead of recipient-keypair.json I again specify the public key, because of the same reason mentioned above

solana transfer --blockhash <blockhash> --signer <signers-output> <recipient-public-key-again> 0.01

I get

error: The following required arguments were not provided:
    <RECIPIENT_ADDRESS>
    <AMOUNT>

USAGE:
    solana transfer <RECIPIENT_ADDRESS> <AMOUNT> --blockhash <BLOCKHASH> --config <FILEPATH> --signer <PUBKEY=SIGNATURE>...

For more information try --help

So the docs are wrong here.

Ok, so I follow what's mentioned in the error message in contrast to the docs and do the following

solana transfer <recipient-public-key-again> 0.01 --blockhash <blockhash> --signer <signers-output>

Then I get

Error: Dynamic program error: No default signer found, run "solana-keygen new -o /home/gernot/.config/solana/id.json" to create a new one

And this is most likely a bug. There is no reason why it should ask for a signer when you want to just broadcast a signed transaction . The whole point of an offline transaction is that you do not need to sign anything on the online device and expose your secret to an online device. I assume this bug is in all Commands Supporting Offline Signing.

Furthermore why do you need to specify a recipient and the amount again when broadcasting the already signed transaction which already includes the amount and recipient? I did the same thing at Ethereum and there you do not need to specify the amount and recipient again when broadcasting the signed transaction since it is already contained in the signed transaction. At Ethereum you just broadcast the signed transaction string, that's it. I guess the same thing can also be said about the block-hash, I don't know? Can you please explain?

And why is in the syntax not a requirement for a nonce when signing the offline transaction like I did above with --sign-only? On an offline PC the CLI cannot obtain the nonce by itself, but I do not get an error when I sign offline. What does it actually input as a nonce when I'm offline? Solana transactions also require a nonce right?

Proposed Solution

• The docu needs to be fixed like mentioned in the problem description
• The bug needs to be fixed which does not allow you to broadcast
• Clearification about the broadcast syntax especially about the recipient and amount requirements
• Clearification about missing nonce requirement when signing the offline transaction on an offline device

Thank you very much

[joncinque]

Thanks for the detailed report! This is a bug.

The command works if you specify the signer at the end, but not in the position that you've put it. Since we specify that the signer can be multiple but we don't cap the number of values in the arg parsing, as soon as it sees --signer it tries to interpret the rest of the args as signers. https://docs.rs/clap/2.34.0/clap/struct.Arg.html#method.multiple explains this more.

I'll put in a change to add number_of_values(1), but that might break other existing users. In the meantime, please specify the signers at the end.

[gernotpokorny]

I already tried to specify --signer at the end as I mentioned in the OP and then I got

Error: Dynamic program error: No default signer found, run "solana-keygen new -o /home/gernot/.config/solana/id.json" to create a new one

It looks like it wants that you sign something, but since this is an offline transaction you cannot sign anything on the online pc, because your secret is not there. You just want to broadcast and not sign anything again.

[joncinque]

When you broadcast the transaction, you must use all of the same parameters: fee payer, from, etc, so when you broadcast, you need to do:

solana transfer --from <FROM_PUBKEY> --fee-payer <FEE_PAYER_PUBKEY> <recipient-public-key-again> 0.01 --blockhash <blockhash> --signer <signers-output>

If it still doesn't work with that, there's definitely a bug.

I'm going to lock this issue. If you still see the bug, please create a new issue.