Home / Vacuum Labs / cardano-hw-cli
Insights Pull Requests
May 30, 10-11 AM (0)
May 30, 11-12 PM (0)
May 30, 12-1 PM (0)
May 30, 1-2 PM (0)
May 30, 2-3 PM (0)
May 30, 3-4 PM (0)
May 30, 4-5 PM (0)
May 30, 5-6 PM (0)
May 30, 6-7 PM (0)
May 30, 7-8 PM (0)
May 30, 8-9 PM (0)
May 30, 9-10 PM (0)
May 30, 10-11 PM (0)
May 30, 11-12 AM (0)
May 31, 12-1 AM (0)
May 31, 1-2 AM (0)
May 31, 2-3 AM (0)
May 31, 3-4 AM (0)
May 31, 4-5 AM (0)
May 31, 5-6 AM (0)
May 31, 6-7 AM (0)
May 31, 7-8 AM (0)
May 31, 8-9 AM (0)
May 31, 9-10 AM (0)
May 31, 10-11 AM (0)
May 31, 11-12 PM (0)
May 31, 12-1 PM (0)
May 31, 1-2 PM (0)
May 31, 2-3 PM (0)
May 31, 3-4 PM (0)
May 31, 4-5 PM (0)
May 31, 5-6 PM (0)
May 31, 6-7 PM (0)
May 31, 7-8 PM (0)
May 31, 8-9 PM (0)
May 31, 9-10 PM (0)
May 31, 10-11 PM (0)
May 31, 11-12 AM (0)
Jun 01, 12-1 AM (0)
Jun 01, 1-2 AM (0)
Jun 01, 2-3 AM (0)
Jun 01, 3-4 AM (0)
Jun 01, 4-5 AM (0)
Jun 01, 5-6 AM (0)
Jun 01, 6-7 AM (0)
Jun 01, 7-8 AM (0)
Jun 01, 8-9 AM (0)
Jun 01, 9-10 AM (0)
Jun 01, 10-11 AM (0)
Jun 01, 11-12 PM (0)
Jun 01, 12-1 PM (0)
Jun 01, 1-2 PM (0)
Jun 01, 2-3 PM (0)
Jun 01, 3-4 PM (0)
Jun 01, 4-5 PM (0)
Jun 01, 5-6 PM (0)
Jun 01, 6-7 PM (0)
Jun 01, 7-8 PM (0)
Jun 01, 8-9 PM (0)
Jun 01, 9-10 PM (0)
Jun 01, 10-11 PM (0)
Jun 01, 11-12 AM (0)
Jun 02, 12-1 AM (0)
Jun 02, 1-2 AM (0)
Jun 02, 2-3 AM (0)
Jun 02, 3-4 AM (0)
Jun 02, 4-5 AM (0)
Jun 02, 5-6 AM (0)
Jun 02, 6-7 AM (0)
Jun 02, 7-8 AM (0)
Jun 02, 8-9 AM (0)
Jun 02, 9-10 AM (0)
Jun 02, 10-11 AM (0)
Jun 02, 11-12 PM (0)
Jun 02, 12-1 PM (0)
Jun 02, 1-2 PM (0)
Jun 02, 2-3 PM (2)
Jun 02, 3-4 PM (1)
Jun 02, 4-5 PM (0)
Jun 02, 5-6 PM (0)
Jun 02, 6-7 PM (0)
Jun 02, 7-8 PM (0)
Jun 02, 8-9 PM (0)
Jun 02, 9-10 PM (0)
Jun 02, 10-11 PM (0)
Jun 02, 11-12 AM (0)
Jun 03, 12-1 AM (0)
Jun 03, 1-2 AM (0)
Jun 03, 2-3 AM (0)
Jun 03, 3-4 AM (0)
Jun 03, 4-5 AM (0)
Jun 03, 5-6 AM (0)
Jun 03, 6-7 AM (0)
Jun 03, 7-8 AM (0)
Jun 03, 8-9 AM (0)
Jun 03, 9-10 AM (0)
Jun 03, 10-11 AM (0)
Jun 03, 11-12 PM (0)
Jun 03, 12-1 PM (0)
Jun 03, 1-2 PM (0)
Jun 03, 2-3 PM (0)
Jun 03, 3-4 PM (0)
Jun 03, 4-5 PM (0)
Jun 03, 5-6 PM (0)
Jun 03, 6-7 PM (0)
Jun 03, 7-8 PM (0)
Jun 03, 8-9 PM (0)
Jun 03, 9-10 PM (0)
Jun 03, 10-11 PM (0)
Jun 03, 11-12 AM (0)
Jun 04, 12-1 AM (0)
Jun 04, 1-2 AM (0)
Jun 04, 2-3 AM (0)
Jun 04, 3-4 AM (0)
Jun 04, 4-5 AM (0)
Jun 04, 5-6 AM (0)
Jun 04, 6-7 AM (0)
Jun 04, 7-8 AM (0)
Jun 04, 8-9 AM (0)
Jun 04, 9-10 AM (0)
Jun 04, 10-11 AM (0)
Jun 04, 11-12 PM (0)
Jun 04, 12-1 PM (0)
Jun 04, 1-2 PM (0)
Jun 04, 2-3 PM (0)
Jun 04, 3-4 PM (0)
Jun 04, 4-5 PM (0)
Jun 04, 5-6 PM (0)
Jun 04, 6-7 PM (0)
Jun 04, 7-8 PM (0)
Jun 04, 8-9 PM (0)
Jun 04, 9-10 PM (0)
Jun 04, 10-11 PM (0)
Jun 04, 11-12 AM (0)
Jun 05, 12-1 AM (0)
Jun 05, 1-2 AM (0)
Jun 05, 2-3 AM (0)
Jun 05, 3-4 AM (0)
Jun 05, 4-5 AM (0)
Jun 05, 5-6 AM (0)
Jun 05, 6-7 AM (0)
Jun 05, 7-8 AM (0)
Jun 05, 8-9 AM (0)
Jun 05, 9-10 AM (0)
Jun 05, 10-11 AM (0)
Jun 05, 11-12 PM (0)
Jun 05, 12-1 PM (0)
Jun 05, 1-2 PM (0)
Jun 05, 2-3 PM (0)
Jun 05, 3-4 PM (0)
Jun 05, 4-5 PM (0)
Jun 05, 5-6 PM (0)
Jun 05, 6-7 PM (0)
Jun 05, 7-8 PM (0)
Jun 05, 8-9 PM (0)
Jun 05, 9-10 PM (0)
Jun 05, 10-11 PM (0)
Jun 05, 11-12 AM (0)
Jun 06, 12-1 AM (0)
Jun 06, 1-2 AM (0)
Jun 06, 2-3 AM (0)
Jun 06, 3-4 AM (0)
Jun 06, 4-5 AM (0)
Jun 06, 5-6 AM (0)
Jun 06, 6-7 AM (0)
Jun 06, 7-8 AM (0)
Jun 06, 8-9 AM (0)
Jun 06, 9-10 AM (0)
Jun 06, 10-11 AM (0)
3 commits this week May 30, 2026 - Jun 06, 2026
PeterBenc
PeterBenc · · cardano-hw-cli
feat: comprehensive requiresUnrestrictedMode detection 
Previous detection had two problems: it only checked required_signers
without collateral, and that check was wrong — required_signers is
actually allowed in ORDINARY/MULTISIG by the v8 lib (only POOL_REGISTRATION
modes forbid it). Replace with detection that mirrors the lib's per-mode
rejection rules in parsing/transaction.ts:

- Pool registration combined with any other cert (POOL_REGISTRATION_*
  requires a sole pool reg cert; lib AUTO throws CANNOT_DETERMINE).
- Pool registration alongside Plutus signals (mutual exclusion).
- Any cert/withdrawal/voter credential that resolves to a bare KEY_HASH
  (no matching signing file). ORDINARY needs KEY_PATH, MULTISIG needs
  SCRIPT_HASH; nothing else accepts KEY_HASH outside PLUTUS (only
  auto-inferred via collateral or other Plutus signals).
- Mixed KEY_PATH + SCRIPT_HASH signals (lib AUTO can't decide ORDINARY
  vs MULTISIG, throws CANNOT_DETERMINE).
- Pool retirement in a multisig-shape tx (MULTISIG rejects pool retirement).

A new collectCertCredentials helper enumerates the credential fields a
non-unrestricted mode actually validates per cert (stakeCredential,
dRepCredential, coldCredential — but not the hotCredential on
AUTHORIZE_COMMITTEE_HOT, which the lib doesn't constrain per mode).

Known gap: device-owned outputs in a multisig-shape tx (MULTISIG forbids
device-owned outputs). Detecting this needs change-output path → address
resolution and is deferred; the lib catches it with a clear per-rule
error if hit.

Tests rewritten to use the new auto-detect triggers (pool reg + extra
cert; key-hash credential with no matching signing file), constructed by
mutating decoded bodies to avoid hand-crafted CBOR.

Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>
3e86e36f · upgrade-ledgerjs-v8 · 2/197 ++ 18 --
PeterBenc
PeterBenc · · cardano-hw-cli
chore: refresh yarn.lock to cardano-hw-interop-lib 3.1.0 
Recent develop commits (test: network params and usedCostModelLanguages,
feat: pass protocol params to transform transaction) added source code
that uses 3.1.0-only exports (CostModels, PLUTUS_LANGUAGES,
CostModelLanguageName) but didn't refresh yarn.lock, so CI's yarn install
keeps the lockfile-pinned 3.0.2 and tsc fails. The dependency range
^3.0.2 already allows 3.1.0; this commit just re-resolves the lockfile.

Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>
7686bf45 · upgrade-ledgerjs-v8 · 1/3 ++ 3 --
PeterBenc
PeterBenc · · cardano-hw-cli
refactor: --unrestricted -> --allow-unrestricted-mode (auto-apply + assert) 
Rework the user-facing API per review:

- Rename the flag to --allow-unrestricted-mode. It is now a *permission*,
  not a request: it authorizes hw-cli to use unrestricted mode if the tx
  requires it, but never forces it on a tx that doesn't.
- Auto-apply unrestricted mode when the tx structurally requires it (i.e.
  when no other mode would accept it). A new requiresUnrestrictedMode
  helper in util.ts encapsulates the detection; the initial trigger is a
  required_signers field without collateral inputs (ORDINARY and MULTISIG
  forbid required_signers, and PLUTUS is only auto-inferred when collateral
  is present). The set is extensible.
- determineSigningMode no longer takes the flag; it returns UNRESTRICTED
  automatically when required. The permission check now lives in
  commandExecutor: if the inferred mode is UNRESTRICTED, refuse unless
  --allow-unrestricted-mode was passed, and refuse if the connected
  device/app does not support unrestricted signing. The previous "graceful
  ignore + warn" path is removed; the flag is permission so an unsupported
  device must fail (the tx is unsignable anywhere else).
- New errors: UnrestrictedModeRequiredError and
  UnrestrictedModeUnsupportedByDeviceError.
- README and unit tests updated for the new flag and auto-detect semantics.

Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>
5f884b9e · upgrade-ledgerjs-v8 · 8/54 ++ 53 --
Showing 3 of 3 recent commits. Check out Vacuum Labs on GitHub to see more.