Reject --hd-path overrides on Ledger aliases.

Author: fnando

cmd/soroban-cli/src/commands/keys/add.rs

@@ -45,9 +45,6 @@ pub enum Error {
 
     #[error("--hd-path is not valid with a secret key; secret keys cannot be derived")]
     HdPathNotSupportedForSecretKey,
-
-    #[error("--hd-path {0} is out of range for a Ledger account index")]
-    HdPathOutOfRange(usize),
 }
 
 #[derive(Debug, clap::Parser, Clone)]
@@ -94,7 +91,7 @@ pub struct Cmd {
     /// without re-passing the flag. Not valid with `--public-key` or a raw
     /// secret key.
     #[arg(long)]
-    pub hd_path: Option<usize>,
+    pub hd_path: Option<u32>,
 }
 
 impl Cmd {
@@ -125,9 +122,10 @@ impl Cmd {
     }
 
     async fn derive_ledger_secret(&self) -> Result<Secret, Error> {
-        let raw = self.hd_path.unwrap_or(0);
-        let index: u32 = raw.try_into().map_err(|_| Error::HdPathOutOfRange(raw))?;
-        let public_key = ledger::new(index).await?.public_key().await?;
+        let public_key = ledger::new(self.hd_path.unwrap_or_default())
+            .await?
+            .public_key()
+            .await?;
         Ok(Secret::Ledger {
             hardware: HardwareKind::Ledger,
             public_key: public_key.to_string(),
@@ -181,7 +179,7 @@ impl Cmd {
     }
 }
 
-fn build_secret(input: &str, hd_path: Option<usize>) -> Result<Secret, Error> {
+fn build_secret(input: &str, hd_path: Option<u32>) -> Result<Secret, Error> {
     let secret: Secret = input.parse()?;
     match (secret, hd_path) {
         (Secret::SecretKey { .. }, Some(_)) => Err(Error::HdPathNotSupportedForSecretKey),
@@ -248,7 +246,7 @@ mod tests {
 
     fn cmd_with_public_key(
         public_key: &str,
-        hd_path: Option<usize>,
+        hd_path: Option<u32>,
     ) -> (tempfile::TempDir, locator::Args, Cmd) {
         let (temp_dir, locator, mut cmd) = set_up_test();
         cmd.public_key = Some(public_key.to_string());

cmd/soroban-cli/src/commands/keys/generate.rs

@@ -55,7 +55,7 @@ pub struct Cmd {
     /// `--secure-store` or plain seed-phrase storage it is persisted on the identity
     /// so later commands derive the same account without re-passing the flag.
     #[arg(long)]
-    pub hd_path: Option<usize>,
+    pub hd_path: Option<u32>,
 
     #[command(flatten)]
     pub network: network::Args,

cmd/soroban-cli/src/commands/keys/public_key.rs

@@ -11,9 +11,6 @@ pub enum Error {
 
     #[error(transparent)]
     Ledger(#[from] ledger::Error),
-
-    #[error("--hd-path {0} is out of range for a Ledger account index")]
-    HdPathOutOfRange(usize),
 }
 
 #[derive(Debug, clap::Parser, Clone)]
@@ -26,7 +23,7 @@ pub struct Cmd {
     /// If identity is a seed phrase use this hd path, default is 0.
     /// With --ledger this is the Ledger account index (default 0).
     #[arg(long)]
-    pub hd_path: Option<usize>,
+    pub hd_path: Option<u32>,
 
     /// Derive the address from a connected Ledger hardware wallet at
     /// `m/44'/148'/N'`, where `N` defaults to 0 and can be set with
@@ -46,9 +43,10 @@ impl Cmd {
 
     pub async fn public_key(&self) -> Result<stellar_strkey::ed25519::PublicKey, Error> {
         if self.ledger {
-            let raw = self.hd_path.unwrap_or(0);
-            let index: u32 = raw.try_into().map_err(|_| Error::HdPathOutOfRange(raw))?;
-            return Ok(ledger::new(index).await?.public_key().await?);
+            return Ok(ledger::new(self.hd_path.unwrap_or_default())
+                .await?
+                .public_key()
+                .await?);
         }
         let name = self
             .name

cmd/soroban-cli/src/commands/keys/secret.rs

@@ -29,7 +29,7 @@ pub struct Cmd {
 
     /// If identity is a seed phrase use this hd path, default is 0
     #[arg(long, conflicts_with = "phrase")]
-    pub hd_path: Option<usize>,
+    pub hd_path: Option<u32>,
 
     #[command(flatten)]
     pub locator: locator::Args,

cmd/soroban-cli/src/commands/ledger/entry/fetch/account.rs

@@ -20,7 +20,7 @@ pub struct Cmd {
 
     /// If identity is a seed phrase use this hd path, default is 0
     #[arg(long)]
-    pub hd_path: Option<usize>,
+    pub hd_path: Option<u32>,
 }
 
 #[derive(thiserror::Error, Debug)]

cmd/soroban-cli/src/commands/ledger/entry/fetch/account_data.rs

@@ -24,7 +24,7 @@ pub struct Cmd {
 
     /// If identity is a seed phrase use this hd path, default is 0
     #[arg(long)]
-    pub hd_path: Option<usize>,
+    pub hd_path: Option<u32>,
 }
 
 #[derive(thiserror::Error, Debug)]

cmd/soroban-cli/src/commands/ledger/entry/fetch/offer.rs

@@ -24,7 +24,7 @@ pub struct Cmd {
 
     /// If identity is a seed phrase use this hd path, default is 0
     #[arg(long)]
-    pub hd_path: Option<usize>,
+    pub hd_path: Option<u32>,
 }
 
 #[derive(thiserror::Error, Debug)]

cmd/soroban-cli/src/commands/ledger/entry/fetch/trustline.rs

@@ -27,7 +27,7 @@ pub struct Cmd {
 
     /// If account is a seed phrase use this hd path, default is 0
     #[arg(long)]
-    pub hd_path: Option<usize>,
+    pub hd_path: Option<u32>,
 }
 
 #[derive(thiserror::Error, Debug)]

cmd/soroban-cli/src/commands/message/sign.rs

@@ -62,7 +62,7 @@ pub struct Cmd {
 
     #[arg(long)]
     /// If using a seed phrase to sign, sets which hierarchical deterministic path to use, e.g. `m/44'/148'/{hd_path}`. Example: `--hd-path 1`. Default: `0`
-    pub hd_path: Option<usize>,
+    pub hd_path: Option<u32>,
 
     #[command(flatten)]
     pub locator: locator::Args,

cmd/soroban-cli/src/commands/message/verify.rs

@@ -68,7 +68,7 @@ pub struct Cmd {
 
     /// If public key identity is a seed phrase use this hd path, default is 0
     #[arg(long)]
-    pub hd_path: Option<usize>,
+    pub hd_path: Option<u32>,
 
     #[command(flatten)]
     pub locator: locator::Args,