Rootstock Rust CLI

A command-line interface (CLI) tool written in Rust for interacting with the Rootstock (Rootstock) blockchain.
This tool provides comprehensive functionality to connect to an Ethereum-compatible RPC endpoint and manage wallets, query balances, send transactions, and interact with the Rootstock network.

Features

Wallet Management

• Create new wallets with custom names
• Import existing wallets using private keys
• Switch between multiple wallets
• Backup and restore wallet data
• List all available wallets
• Rename or delete wallets

Asset Management

• Check RBTC balance for any address
• View token balances (supports all ERC-20 tokens)
• Add custom tokens to your wallet
• Remove unwanted tokens from your token list

Transactions

• Send RBTC to any address
• Transfer ERC-20 tokens
• View transaction history with filtering options
• Check transaction status
• Bulk transfer functionality

Contact Management

• Save frequently used addresses as contacts
• Add notes and tags to contacts
• Search through your contacts
• Update or remove existing contacts
• Import/export contact lists

Network & Configuration

• Switch between Mainnet and Testnet
• Configure custom RPC endpoints
• Manage API keys with validation for Rootstock networks
• View network status and connection details
• Offline functionality for wallet and contact management

🛠️ Installation

Prerequisites

• Rust (latest stable version)
• Git
• Cargo (comes with Rust)

Building from Source

1. Clone the repository:

   git clone https://github.com/rsksmart/rsk-rust-cli.git
   cd rsk-rust-cli

2. Build the project:

   cargo build --release

3. Run the application:

   # For development
   cargo run
   
   # For production
   ./target/release/rsk-rust-cli

⚙️ Configuration

The wallet automatically handles configuration through an interactive setup wizard when you first run it. You can also manage your configuration at any time using the interactive menu:

🎮 Usage

Interactive Mode

The wallet features an intuitive interactive interface. Simply run:

cargo run

📋 Individual Feature Demos

For detailed walkthroughs of specific features:

First Time Setup

Wallet Features

Create Wallet, Importing Existing Wallet, List Wallets, Switch Wallets, Delete Wallet & Rename Wallet

Check Balance of RBTC and ERC-20 Tokens

Check your RBTC and ERC-20 token balances (e.g., RIF).

Send Funds

Transfer RBTC from one wallet to another (e.g., from personal to lock wallet). View example transaction on explorer

Set API Key

Configure and validate your API key for accessing transaction history and status checking.

Transaction History(make sure alchemy api key is set)

Check Transaction Status

You can also view it at View Transaction

Bulk Transfer

Send multiple transactions at once.

View Transaction 1 , View Transaction 2

Token Management

Add, list, and delete tokens from your wallet.

Contact

Add, list, and delete contacts from your address book.

🔍 Troubleshooting

Common Issues

Transaction Failures

• Ensure you have enough RBTC for gas fees
• Verify recipient address format (0x...)
• Check network compatibility (mainnet/testnet)

Connection Issues

• Verify your internet connection
• App automatically switches to offline mode when network unavailable
• Limited functionality available offline (wallet management, contacts, tokens)

API Key Issues

• Ensure API key is valid for the selected network (mainnet/testnet)
• Keys are validated against Rootstock RPC endpoints
• Invalid keys will show clear error messages

Wallet Issues

• Confirm wallet file exists at ~/.local/share/rsk-rust-cli/
• Check file permissions if access is denied
• Ensure you're using the correct network (mainnet/testnet)

Resources

• Rootstock Documentation
• RSK Smart Contracts
• RSK Developer Portal
• Issue Tracker

Security

This application handles private keys and financial transactions. Security measures include:

• Encryption: AES-256-GCM encryption for private keys with authenticated encryption
• File Security: Secure file permissions (0o600) for wallet files
• Password Security: Strong password validation with complexity requirements
• Memory Security: Memory zeroization for sensitive data to prevent leaks
• Input Validation: Comprehensive input validation and sanitization
• API Security: API key validation against Rootstock networks
• Offline Security: Core wallet functions available without network exposure

⚠️ Command-Line Security Notice

When using commands that require passwords or private keys as arguments, be aware that:

• Shell History: These values may be stored in your shell history (.bash_history, .zsh_history, etc.)
• Process Listings: They may be visible in process listings (ps aux, top, etc.)
• System Logs: Some systems log command-line arguments

Recommended Security Practices:

1. Use Interactive Mode: The interactive mode prompts for sensitive data securely without exposing it in command history
2. Clear Shell History: After entering sensitive commands, clear your shell history:

   history -c  # Clear current session
   history -w  # Write empty history to file

3. Use Environment Variables: For automation, use environment variables instead of command-line arguments
4. Avoid Production Use: For production environments, use secure secret management systems

Example - Secure vs Insecure:

# ❌ INSECURE - Password visible in history
rsk-rust-cli wallet create myWallet myPassword123

# ✅ SECURE - Use interactive mode
cargo run
# Then select "Wallet Management" and follow prompts

Dependency Status: All security vulnerabilities resolved. Minor unmaintained dependency warnings (derivative, paste) are transitive dependencies via Alloy and pose no security risk.

Contributing

We welcome contributions from the community. Please fork the repository and submit pull requests with your changes. Ensure your code adheres to the project's main objective.

Support

For any questions or support, please open an issue on the repository or reach out to the maintainers.

Disclaimer

The software provided in this GitHub repository is offered "as is," without warranty of any kind, express or implied, including but not limited to the warranties of merchantability, fitness for a particular purpose, and non-infringement.

• Testing: The software has not undergone testing of any kind, and its functionality, accuracy, reliability, and suitability for any purpose are not guaranteed.
• Use at Your Own Risk: The user assumes all risks associated with the use of this software. The author(s) of this software shall not be held liable for any damages, including but not limited to direct, indirect, incidental, special, consequential, or punitive damages arising out of the use of or inability to use this software, even if advised of the possibility of such damages.
• No Liability: The author(s) of this software are not liable for any loss or damage, including without limitation, any loss of profits, business interruption, loss of information or data, or other pecuniary loss arising out of the use of or inability to use this software.
• Sole Responsibility: The user acknowledges that they are solely responsible for the outcome of the use of this software, including any decisions made or actions taken based on the software's output or functionality.
• No Endorsement: Mention of any specific product, service, or organization does not constitute or imply endorsement by the author(s) of this software.
• Modification and Distribution: This software may be modified and distributed under the terms of the license provided with the software. By modifying or distributing this software, you agree to be bound by the terms of the license.
• Assumption of Risk: By using this software, the user acknowledges and agrees that they have read, understood, and accepted the terms of this disclaimer and assumes all risks associated with the use of this software.