Stop echoing message body to stderr when signing. (#2520)

fnando · web-flow · commit 12f76e46c039 · 2026-04-24T02:17:14.000Z
diff --git a/cmd/crates/soroban-test/tests/it/message.rs b/cmd/crates/soroban-test/tests/it/message.rs
@@ -196,24 +196,31 @@ fn message_sign_does_not_leak_secret_in_error_output() {
 }
 
 #[test]
-fn message_sign_escapes_control_characters_in_preview() {
+fn message_sign_does_not_echo_message_to_stderr() {
     let sandbox = TestEnv::default();
     let secret_key = "SAKICEVQLYWGSOJS4WW7HZJWAHZVEEBS527LHK5V4MLJALYKICQCJXMW";
-    let malicious = "\x1b[31mRED\x1b[0m";
+    let secret_message = "TOP_SECRET_TOKEN_abc123_DO_NOT_LEAK";
 
     let output = sandbox
         .new_assert_cmd("message")
-        .args(["sign", malicious, "--sign-with-key", secret_key])
+        .args(["sign", secret_message, "--sign-with-key", secret_key])
         .assert()
         .success();
-
     let stderr = String::from_utf8_lossy(&output.get_output().stderr).into_owned();
     assert!(
-        !stderr.contains('\x1b'),
-        "stderr should not contain raw ESC bytes, got: {stderr:?}"
+        !stderr.contains(secret_message),
+        "stderr must not echo the message (arg input), got: {stderr:?}"
     );
+
+    let output = sandbox
+        .new_assert_cmd("message")
+        .write_stdin(secret_message)
+        .args(["sign", "--sign-with-key", secret_key])
+        .assert()
+        .success();
+    let stderr = String::from_utf8_lossy(&output.get_output().stderr).into_owned();
     assert!(
-        stderr.contains("\\x1b"),
-        "stderr should contain escaped ESC as \\x1b, got: {stderr:?}"
+        !stderr.contains(secret_message),
+        "stderr must not echo the message (stdin input), got: {stderr:?}"
     );
 }
diff --git a/cmd/soroban-cli/src/commands/message/sign.rs b/cmd/soroban-cli/src/commands/message/sign.rs
@@ -9,7 +9,6 @@ use crate::{
     config::{locator, secret},
     print::Print,
     signer::{self, Signer},
-    utils::escape_control_characters,
 };
 
 use super::SEP53_PREFIX;
@@ -86,15 +85,6 @@ impl Cmd {
         let signature_base64 = sep_53_sign(&message_bytes, signer)?;
 
         print.infoln(format!("Signer: {public_key}"));
-        let message_display = if self.base64 {
-            BASE64.encode(&message_bytes)
-        } else {
-            String::from_utf8_lossy(&message_bytes).to_string()
-        };
-        print.infoln(format!(
-            "Message: {}",
-            escape_control_characters(&message_display)
-        ));
         println!("{signature_base64}");
         Ok(())
     }
