Update 2025-07 - Enhanced Treasury Withdrawal Security

- Scripts 24a (generate vote) and 24c (query votes) are now displaying the public key of included author signatures for further verification

- Scripts 24a (generate vote) and 24c (query votes) are now doing a check on the special fields `Intersect` inserts into there TreasuryWithdrawals to improve security and find scams. The special fields are within `.body.onChain` of the metadata file.

- Scripts 24a (generate vote) and 24b (query votes) is now showing all withdrawal addresses in TreasuryWithdrawal actions that contains multiple payout destinations

- Script 25b (register action) now also outputs the CIP-129 governance action bech version in addition to the legacy format.

- This update includes cardano-signer 1.26.0

Author: gitmachtl

cardano/mainnet/00_common.sh

@@ -334,7 +334,7 @@ minCardanoSignerVersion="1.24.3"	#minimum version for the cardano-signer binary
 minCatalystToolboxVersion="0.5.0"	#minimum version for the catalyst-toolbox binary
 
 #Defaults - Variables and Constants
-defEra="" #Era for non era related cardano-cli commands
+defEra="latest" #Era for non era related cardano-cli commands
 defTTL=100000 #Default seconds for transactions to be valid
 addrTypePayment="payment"
 addrTypeStake="stake"
@@ -1273,7 +1273,6 @@ IFS='+' read -ra asset_entry <<< "${2}" #split the tx-out string into address, l
 #9+10=conway, 7+8=babbage, 5+6=alonzo, 4=mary, 3=allegra, 2=shelley, 0+1=byron
 local protocolVersionMajor=$(jq -r ".protocolVersion.major | select (.!=null)" <<< ${protocolParam})
 
-
 ### switch the method of the minOutUTXO calculation depending on the current era, starting with protocolVersionMajor>=7 (babbage)
 if [[ ${protocolVersionMajor} -ge 7 ]]; then #7+8=Babbage, 9+10=Conway ..., new since babbage: CIP-0055 -> minOutUTXO depends on the cbor bytes length
 
@@ -1423,6 +1422,10 @@ fi
 #preload it with the minUTXOValue from the parameters, will be overwritten at the end if costs are higher
 local minOutUTXO=${minUTXOValue}
 
+
+
+
+
 if [[ ${#asset_entry[@]} -gt 2 ]]; then #contains assets, do calculations. otherwise leave it at the default value
         local idx=2
 	local pidCollector=""    #holds the list of individual policyIDs
@@ -1722,19 +1725,24 @@ queryLight_committeeState() { #for filtering, ${1} = committeeHASH
 		committeeHashArray=$(jq -r "[ .[0].members[] | select( .cc_cold_hex == \"${committeeHASH}\" or .cc_hot_hex == \"${committeeHASH}\") ]" 2> /dev/null <<< "${jsonJSON}");
 		else
 		committeeHashArray=$(jq -r "[ .[0].members[] ]" 2> /dev/null <<< "${jsonJSON}");
-	 fi
+	fi
 
 	#Get the quorum values
 	local quorum_numerator; local quorum_denominator; local quorum;
 	{ read quorum_numerator; read quorum_denominator; } <<< $(jq -r ".[0].quorum_numerator // \"null\", .[0].quorum_denominator // \"null\"" <<< "${jsonJSON}" 2> /dev/null)
-	if [[ "${quorum_numerator}" == "null" || "${quorum_denominator}" == "null" ]]; then echo -e "Query via Koios-API (${koiosAPI}) failed, missin quorum parameters."; exit 1; fi;
-	quorum=$(bc <<< "scale=2; ${quorum_numerator}/${quorum_denominator}");
+
+	#Check if we are in normal state or in NoConfidence state
+	if [[ "${quorum_numerator}" == "null" || "${quorum_denominator}" == "null" ]]; then
+		quorum=null; #We are in the NoConfidence state
+	else
+		quorum=$(bc <<< "scale=2; ${quorum_numerator}/${quorum_denominator}"); #We are in a normal state, convert the numerator/denominator into a decimal number
+	fi
 
 	#Generate the same output like the cli does. First step, generate the core structure. This also converts the quorum .xx value to 0.xx
-	jsonRet=$(jq -r <<< "{ \"epoch\": $(get_currentEpoch), \"threshold\": ${quorum} }")
+	jsonRet=$(jq -r <<< "{ \"epoch\": $(get_currentEpoch), \"threshold\": ${quorum}, \"committee\": {} }")
 
 	#convert all committee hash entries to the correct format depending on key/script hashes
-	committeeEntryCnt=$(jq -r "length" <<< ${committeeHashArray})
+	committeeEntryCnt=$(( $(jq -r "length" 2> /dev/null <<< ${committeeHashArray}) + 0 ))
 	for (( tmpCnt=0; tmpCnt<${committeeEntryCnt}; tmpCnt++ ))
 	do
 

cardano/mainnet/03b_regStakingAddrCert.sh

@@ -551,18 +551,7 @@ if [[ -f "${fromAddr}.hwsfile" && -f "${stakeAddr}.hwsfile" && "${paymentName}"
         #Witness and Assemble the TxFile
         start_HwWallet; checkError "$?"; if [ $? -ne 0 ]; then exit $?; fi
 
-
-#only one witness (cardano-hw-cli < 1.14.0) and for pre conway era
-#        tmp=$(${cardanohwcli} transaction witness --tx-file ${txBodyFile} --hw-signing-file ${fromAddr}.hwsfile --hw-signing-file ${stakeAddr}.hwsfile --change-output-key-file ${fromAddr}.hwsfile --change-output-key-file ${stakeAddr}.hwsfile ${magicparam} --out-file ${txWitnessFile} 2> /dev/stdout)
-
-#txBodyFile="./tmptest.json"
-
-
-
         tmp=$(${cardanohwcli} transaction witness --tx-file ${txBodyFile} --hw-signing-file ${fromAddr}.hwsfile --hw-signing-file ${stakeAddr}.hwsfile --change-output-key-file ${fromAddr}.hwsfile --change-output-key-file ${stakeAddr}.hwsfile ${magicparam} --out-file ${txWitnessFile} --out-file ${txWitnessFile2} 2> /dev/stdout)
-
-#echo ${tmp}; exit
-
         checkError "$?"; if [ $? -ne 0 ]; then exit $?; fi
         if [[ "${tmp^^}" =~ (ERROR|DISCONNECT) ]]; then echo -e "\e[35m${tmp}\e[0m\n"; exit 1; else echo -ne "\e[0mWitnessed ... "; fi
 

cardano/mainnet/24a_genVote.sh

@@ -233,7 +233,7 @@ if ${onlineMode}; then
 						errorMsg=$(jq -r .errorMsg <<< ${signerJSON} 2> /dev/null)
 						echo -e "\e[0m     Anchor-Data: ${iconYes}\e[32m JSONLD structure is ok\e[0m";
 						if [[ "${errorMsg}" != "" ]]; then echo -e "\e[0m          Notice: ${iconNo} ${errorMsg}\e[0m"; fi
-						authors=$(jq -r --arg iconYes "${iconYes}" --arg iconNo "${iconNo}" '.authors[] | "\\e[0m       Signature: \(if .valid then $iconYes else $iconNo end) \(.name)\\e[0m"' <<< ${signerJSON} 2> /dev/null)
+						authors=$(jq -r --arg iconYes "${iconYes}" --arg iconNo "${iconNo}" '.authors[] | "\\e[0m       Signature: \(if .valid then $iconYes else $iconNo end) \(.name) (PubKey \(.publicKey))\\e[0m"' <<< ${signerJSON} 2> /dev/null)
 						if [[ "${authors}" != "" ]]; then echo -e "${authors}\e[0m"; fi
 					fi
 					echo
@@ -290,7 +290,7 @@ case ${workMode} in
 			if [[ ${govActionUTXO} != "" && ${govActionIdx} != "" ]]; then
 				actionStateJSON=$(jq -r ". | select(.actionId.txId == \"${govActionUTXO}\" and .actionId.govActionIx == ${govActionIdx})" 2> /dev/null <<< "${actionStateJSON}")
 				if [[ "${actionStateJSON}" = "" ]]; then #action-id not on chain
-				        echo -e "\e[0mThe provided Action-ID is\e[33m NOT present on the chain\e[0m!\e[0m\n";
+				        echo -e "\e[0mThe provided Action-ID is\e[33m NOT present (wrong ID or expired) on the chain \e[0m!\e[0m\n";
 				        exit 1;
 				fi
 			fi
@@ -627,9 +627,9 @@ do
 	                                                                else
 	                                                                errorMsg=$(jq -r .errorMsg <<< ${signerJSON} 2> /dev/null)
 	                                                                echo -e "\e[0m     Anchor-Data: ${iconYes}\e[32m JSONLD structure is ok\e[0m";
-									govActionTitle=$(jq -r ".body.title // \"\"" ${tmpAnchorContent} 2> /dev/null)
+									{ read govActionTitle; read proofDepositReturnAddr; read proofWithdrawalAddr; } <<< $(jq -r '.body.title // "-", .body.onChain.depositReturnAddress // "-", .body.onChain.withdrawals[0].withdrawalAddress // "-"' ${tmpAnchorContent} 2> /dev/null)
 	                                                                if [[ "${errorMsg}" != "" ]]; then echo -e "\e[0m          Notice: ${iconNo} ${errorMsg}\e[0m"; fi
-					                                authors=$(jq -r --arg iconYes "${iconYes}" --arg iconNo "${iconNo}" '.authors[] | "\\e[0m       Signature: \(if .valid then $iconYes else $iconNo end) \(.name)\\e[0m"' <<< ${signerJSON} 2> /dev/null)
+					                                authors=$(jq -r --arg iconYes "${iconYes}" --arg iconNo "${iconNo}" '.authors[] | "\\e[0m       Signature: \(if .valid then $iconYes else $iconNo end) \(.name) (PubKey \(.publicKey))\\e[0m"' <<< ${signerJSON} 2> /dev/null)
 	                                                                if [[ "${authors}" != "" ]]; then echo -e "${authors}\e[0m"; fi
 	                                                        fi
 	                                                fi
@@ -679,8 +679,17 @@ do
 				;;
 	esac
 
+	#Show an alert if there is a special proof for the deposit return address and it does not match up with the one in the action
+	if [[ "${proofDepositReturnAddr}" != "-" ]]; then
+		if [[ "${proofDepositReturnAddr}" == "${actionDepositAddr}" ]]; then
+			echo -e "\e[0m${iconYes} The Deposit Return-StakeAddr in the govAction is the same as in the metadata proof!\e[0m\n";
+		else
+			echo -e "\e[0m${iconNo} The Deposit Return-StakeAddr in the govAction is not the same as in the metadata proof!\e[0m\n";
+		fi
+	fi
+
 	#Show governance action title if available
-	if [[ "${govActionTitle}" != "" ]]; then
+	if [[ "${govActionTitle}" != "-" ]]; then
 		echo -e "\e[0mAction-Title: \e[36m${govActionTitle}\e[0m\n"
 	fi
 
@@ -946,32 +955,48 @@ do
 						#  ],
 						#  null
 						#]
-						{ read withdrawalsAmount; read withdrawalsKeyType; read withdrawalsHash; read withdrawalsNetwork; } <<< $( jq -r '.[0][0][1] // "0", (.[0][0][0].credential|keys[0]) // "-", (.[0][0][0].credential|flatten[0]) // "-", .[0][0][0].network // "-"' 2> /dev/null <<< ${actionContents})
-						echo -e "\e[0mAction-Content:\e[36m Withdrawal funds from the treasury\n\e[0m"
-
-						case "${withdrawalsNetwork,,}${withdrawalsKeyType,,}" in
-
-							*"scripthash")	echo -e "\e[0mWithdrawal to\e[32m ScriptHash \e[0m► \e[94m${withdrawalsHash}\e[0m"
-									;;
 
-							"mainnet"*)	withdrawalsAddr=$(${bech32_bin} "stake" <<< "e1${withdrawalsHash}" 2> /dev/null);
-									if [[ $? -ne 0 ]]; then echo -e "\n\e[35mERROR - Could not get Withdrawals Stake-Address from KeyHash '${withdrawalsHash}' !\n\e[0m"; exit 1; fi
-									echo -e "\e[0mWithdrawal to\e[32m StakeAddr \e[0m► \e[94m${withdrawalsAddr}\e[0m"
-									;;
-
-							"testnet"*)	withdrawalsAddr=$(${bech32_bin} "stake_test" <<< "e0${withdrawalsHash}" 2> /dev/null);
-									if [[ $? -ne 0 ]]; then echo -e "\n\e[35mERROR - Could not get Withdrawals Stake-Address from KeyHash '${withdrawalsHash}' !\n\e[0m"; exit 1; fi
-									echo -e "\e[0mWithdrawal to\e[32m StakeAddr \e[0m► \e[94m${withdrawalsAddr}\e[0m"
-									;;
-
-							"")		echo -e "\e[0mWithdrawal \e[32mdirectly\e[0m to the \e[94mDeposit-Return-Address\n\e[0m"
-									;;
+						{ read withdrawalEntries; read withdrawalCounts; } <<< $(jq -r '"\(.[0])" // "[]", (.[0]|length) // 0' <<< ${actionContents} 2> /dev/null)
+						echo -e "\e[0mAction-Content:\e[36m Withdrawal funds from the treasury\n\e[0m"
 
-							*)              echo -e "\n\e[35mERROR - Unknown network type ${withdrawalsNetwork} for the Withdrawal KeyHash !\n\e[0m"; exit 1;
-									;;
-						esac
-						echo -e "\e[0mWithdrawal the\e[32m Amount \e[0m► \e[94m$(convertToADA ${withdrawalsAmount}) ADA / ${withdrawalsAmount} lovelaces\e[0m"
-						echo -e "\e[0m"
+						#Show all found entries
+						for (( tmpCnt3=0; tmpCnt3<${withdrawalCounts}; tmpCnt3++ ))
+						do
+							{ read withdrawalsAmount; read withdrawalsKeyType; read withdrawalsHash; read withdrawalsNetwork; } <<< $( jq -r ".[${tmpCnt3}][1] // 0, (.[${tmpCnt3}][0].credential|keys[0]) // null, (.[${tmpCnt3}][0].credential|flatten[0]) // null, .[${tmpCnt3}][0].network // null" 2> /dev/null <<< ${withdrawalEntries})
+							case "${withdrawalsNetwork,,}${withdrawalsKeyType,,}" in
+
+								*"scripthash")	echo -e "\e[0mWithdrawal to\e[32m ScriptHash \e[0m► \e[94m${withdrawalsHash}\e[0m"
+										;;
+
+								"mainnet"*)	withdrawalsAddr=$(${bech32_bin} "stake" <<< "e1${withdrawalsHash}" 2> /dev/null);
+										if [[ $? -ne 0 ]]; then echo -e "\n\e[35mERROR - Could not get Withdrawals Stake-Address from KeyHash '${withdrawalsHash}' !\n\e[0m"; exit 1; fi
+										echo -e "\e[0mWithdrawal to\e[32m StakeAddr \e[0m► \e[94m${withdrawalsAddr}\e[0m"
+										;;
+
+								"testnet"*)	withdrawalsAddr=$(${bech32_bin} "stake_test" <<< "e0${withdrawalsHash}" 2> /dev/null);
+										if [[ $? -ne 0 ]]; then echo -e "\n\e[35mERROR - Could not get Withdrawals Stake-Address from KeyHash '${withdrawalsHash}' !\n\e[0m"; exit 1; fi
+										echo -e "\e[0mWithdrawal to\e[32m StakeAddr \e[0m► \e[94m${withdrawalsAddr}\e[0m"
+										;;
+
+								"")		echo -e "\e[0mWithdrawal \e[32mdirectly\e[0m to the \e[94mDeposit-Return-Address\n\e[0m"
+										withdrawalsAddr="${actionDepositAddr}"
+										;;
+
+								*)              echo -e "\n\e[35mERROR - Unknown network type ${withdrawalsNetwork} for the Withdrawal KeyHash !\n\e[0m"; exit 1;
+										;;
+							esac
+							echo -e "\e[0mWithdrawal the\e[32m Amount \e[0m► \e[94m$(convertToADA ${withdrawalsAmount}) ADA / ${withdrawalsAmount} lovelaces\e[0m"
+							echo -e "\e[0m"
+						done
+
+						#Show an alert if there is a special proof for the withdrawal address and it does not match up with the one in the action
+						if [[ "${proofWithdrawalAddr}" != "-" ]]; then
+							if [[ "${proofWithdrawalAddr}" == "${withdrawalsAddr}" ]]; then
+								echo -e "\e[0m${iconYes} The Withdrawal StakeAddr in the govAction is the same as in the metadata proof!\e[0m\n";
+							else
+								echo -e "\e[0m${iconNo} The Withdrawal StakeAddr in the govAction is not the same as in the metadata proof!\e[0m\n";
+							fi
+						fi
 
 						#Calculate acceptance: Get the right threshold, make it a nice percentage number, check if threshold is reached
 						{ read dRepPowerThreshold; } <<< $(jq -r '.dRepVotingThresholds.treasuryWithdrawal // 0' <<< "${protocolParametersJSON}" 2> /dev/null)