@duroo/wallet-cli
v0.3.0
Published
Duroo wallet CLI for the Maroo ZeroDev Kernel passkey PoC.
Readme
@duroo/wallet-cli
Duroo wallet CLI for the Maroo ZeroDev Kernel passkey PoC.
Install
npm install -g @duroo/wallet-cliCommands
User commands:
duroo user create-passkey --port 5174
duroo user authorize-wallet-activation \
--network testnet-dev \
--output wallet-activation-authorization.json
unset EOA_PRIVATE_KEY
duroo user request-wallet-activation \
--input wallet-activation-authorization.json \
--output wallet-activation-request.json
duroo user add-passkey \
--network testnet-dev \
--delegated-eoa "$DELEGATED_EOA"
duroo user send \
--network testnet-dev \
--delegated-eoa "$DELEGATED_EOA" \
--to "$RECIPIENT" \
--value 0add-passkey and send only sign with the passkey (no private key, no artifact file), so they can't derive the delegated EOA address on their own — pass --delegated-eoa or export DELEGATED_EOA first.
Admin command:
duroo admin submit-wallet-activation \
--network testnet-dev \
--input wallet-activation-request.json--beneficiary is optional and defaults to the address derived from OPERATOR_PRIVATE_KEY.
Config overrides
Every value normally read from the environment can also be passed as a CLI flag, taking precedence over the environment variable and --network default:
| Flag | Env var |
| --- | --- |
| --rpc-url | COSMOS_EVM_RPC_URL |
| --bundler-rpc-url | RUNDLER_RPC_URL |
| --chain-id | CHAIN_ID |
| --entry-point | ENTRYPOINT_V09 |
| --delegated-eoa | DELEGATED_EOA |
| --private-key | EOA_PRIVATE_KEY (on user authorize-wallet-activation) or OPERATOR_PRIVATE_KEY (on admin submit-wallet-activation) |
Safety
create-passkey only creates a WebAuthn passkey and saves metadata to .passkey-wallet/credential.json; it does not use an EOA key, create a passkey assertion, or send a transaction. authorize-wallet-activation reads that metadata and creates the intermediate EOA-signed wallet-activation-authorization.json without creating or asserting a passkey. After unsetting EOA_PRIVATE_KEY, request-wallet-activation creates the final passkey-signed wallet-activation-request.json.
Keep the credential file and intermediate authorization artifact on the user machine. Send only the final request artifact to the operator through a protected channel. Do not commit .env, private keys, credential metadata, or generated activation/debug JSON files.
