mmgen-autosign: move help notes to separate module

mmgen/help/__init__.py

@@ -60,10 +60,10 @@ def gen_arg_tuple(cfg, func, text):
 		return getattr(importlib.import_module(
 			f'{cfg._help_pkg}.help_notes').help_notes(proto, cfg), k)(*args, **kwargs)
 
-	def help_mod(modname):
+	def help_mod(modname, *args, **kwargs):
 		import importlib
 		return importlib.import_module(
-			f'{cfg._opts.help_pkg}.{modname}').help(proto, cfg)
+			f'{cfg._opts.help_pkg}.{modname}').help(proto, cfg, *args, **kwargs)
 
 	from ..protocol import init_proto_from_cfg
 	proto = init_proto_from_cfg(cfg, need_amt=True)

mmgen/help/autosign.py

@@ -0,0 +1,131 @@
+#!/usr/bin/env python3
+#
+# MMGen Wallet, a terminal-based cryptocurrency wallet
+# Copyright (C)2013-2026 The MMGen Project <mmgen@tuta.io>
+# Licensed under the GNU General Public License, Version 3:
+#   https://www.gnu.org/licenses
+# Public project repositories:
+#   https://github.com/mmgen/mmgen-wallet
+#   https://gitlab.com/mmgen/mmgen-wallet
+
+"""
+help.autosign: autosign help notes for the MMGen Wallet suite
+"""
+
+def help(proto, cfg, *, asi):
+	return f"""
+
+                                   OPERATIONS
+
+clean     - clean the removable device of unneeded files, removing only non-
+            essential data
+gen_key   - generate the wallet encryption key and copy it to the removable
+            device mounted at mountpoint ‘{asi.mountpoint}’ (as currently
+            configured)
+setup     - full setup: run ‘gen_key’ and create temporary signing wallet(s)
+            for all configured coins
+xmr_setup - set up Monero temporary signing wallet(s).  Not required during
+            normal operation: use ‘setup’ with --xmrwallets instead
+macos_ramdisk_setup - set up the ramdisk used for storing the temporary signing
+            wallet(s) (macOS only).  Required only when creating the wallet(s)
+            manually, without ‘setup’
+macos_ramdisk_delete - delete the macOS ramdisk
+disable_swap - disable disk swap to prevent potentially sensitive data in
+            volatile memory from being swapped to disk.  Applicable only when
+            creating temporary signing wallet(s) manually, without ‘setup’
+enable_swap - reenable disk swap.  For testing only, should not be invoked in
+            a production environment
+wait      - start in loop mode: wait-mount-sign-unmount-wait
+wipe_key  - wipe the wallet encryption key on the removable device, making
+            signing transactions or stealing the user’s seed impossible.
+            The operation is intended as a ‘kill switch’ and thus performed
+            without prompting
+list_led  - list boards with tested LED signaling support
+test_led  - test the current board for LED signaling support
+
+
+                               USAGE NOTES
+
+If no operation is specified, this program mounts a removable device
+(typically a USB flash drive) containing unsigned MMGen transactions, message
+files, and/or XMR wallet output files, signs them, unmounts the removable
+device and exits.
+
+If invoked with ‘wait’, the program waits in a loop, mounting the removable
+device, performing signing operations and unmounting the device every time it
+is inserted.
+
+The removable device must have a partition with a filesystem labeled MMGEN_TX
+and a user-writable root directory.  For interoperability between OS-es, it’s
+recommended to use the exFAT file system.
+
+On both the signing and online machines the mountpoint ‘{asi.mountpoint}’
+(as currently configured) must exist.  Linux (not macOS) machines must have
+an ‘/etc/fstab’ with the following entry:
+
+    LABEL=MMGEN_TX {asi.mountpoint} auto noauto,user 0 0
+
+Signing is performed with a temporary wallet created in volatile memory in
+the directory ‘{asi.wallet_dir}’ (as currently configured).  The wallet is
+encrypted with a 32-byte password saved in the file ‘autosign.key’ in the
+root of the removable device’s filesystem.
+
+
+                             LED SIGNALING SUPPORT
+
+On supported platforms (selected Orange Pi, Rock Pi, Banana Pi, Nano Pi and
+Raspberry Pi boards), a flashing LED indicates whether signing is in progress
+or the program is in standby mode, i.e. ready for device insertion or removal.
+
+The operation ‘test_led’ tests the current installation for LED support, while
+‘list_led’ displays a list of supported board/OS combinations.  Note that this
+list is not exhaustive: signaling may work with other boards, especially those
+produced by the listed manufacturers.  If ‘test_led’ reports that your board is
+not supported, please submit an issue to the mmgen-wallet repository on Github
+or via e-mail, including the board model, OS version and output of the
+following shell command:
+
+    ls -RH /sys/class/leds/{{*status*,*led*}}
+
+In the absence of LED support, the user must observe the signing progress
+on-screen and wait for the “safe to extract” message to appear.
+
+
+The password and temporary wallet may be created in one operation by invoking
+‘mmgen-autosign setup’ with the removable device inserted.  In this case, the
+temporary wallet is created from the user’s default wallet, if it exists and
+the user so desires.  If not, the user is prompted to enter a seed phrase.
+
+Alternatively, the password and temporary wallet may be created separately by
+first invoking ‘mmgen-autosign gen_key’ and then creating and encrypting the
+wallet using the -P (--passwd-file) option:
+
+    $ mmgen-walletconv -iwords -d{asi.wallet_dir} -p1 -N -P{asi.mountpoint}/autosign.key -Lfoo
+
+Note that the hash preset must be ‘1’.  To use a wallet file as the source
+instead of an MMGen seed phrase, omit the ‘-i’ option and add the wallet
+file path to the end of the command line.  Multiple temporary wallets may
+be created in this way and used for signing (note, however, that for XMR
+operations only one wallet is supported).
+
+Autosigning is currently supported on Linux and macOS only.
+
+
+                               SECURITY NOTE
+
+By placing wallet and password on separate devices, this program creates
+a two-factor authentication setup whereby an attacker must gain physical
+control of both the removable device and signing machine in order to sign
+transactions.  It’s therefore recommended to always keep the removable device
+secure, separated from the signing machine and hidden (in your pocket, for
+example) when not transacting.  In addition, since login access on the
+signing machine is required to steal the user’s seed, it’s good practice
+to lock the signing machine’s screen once the setup process is complete.
+
+As a last resort, cutting power to the signing machine will destroy the
+volatile memory where the temporary wallet resides and foil any attack,
+even if you’ve lost control of the removable device.
+
+Always remember to power off the signing machine when your signing session
+is over.
+"""

mmgen/main_autosign.py

@@ -69,129 +69,15 @@ opts_data = {
 -x, --xmrwallets=L    Range or list of wallet numbers to be used for XMR
                       autosigning
 """,
-	'notes': """
-
-                               OPERATIONS
-
-clean     - clean the removable device of unneeded files, removing only non-
-            essential data
-gen_key   - generate the wallet encryption key and copy it to the removable
-            device mounted at mountpoint ‘{asi.mountpoint}’ (as currently
-            configured)
-setup     - full setup: run ‘gen_key’ and create temporary signing wallet(s)
-            for all configured coins
-xmr_setup - set up Monero temporary signing wallet(s).  Not required during
-            normal operation: use ‘setup’ with --xmrwallets instead
-macos_ramdisk_setup - set up the ramdisk used for storing the temporary signing
-            wallet(s) (macOS only).  Required only when creating the wallet(s)
-            manually, without ‘setup’
-macos_ramdisk_delete - delete the macOS ramdisk
-disable_swap - disable disk swap to prevent potentially sensitive data in
-            volatile memory from being swapped to disk.  Applicable only when
-            creating temporary signing wallet(s) manually, without ‘setup’
-enable_swap - reenable disk swap.  For testing only, should not be invoked in
-            a production environment
-wait      - start in loop mode: wait-mount-sign-unmount-wait
-wipe_key  - wipe the wallet encryption key on the removable device, making
-            signing transactions or stealing the user’s seed impossible.
-            The operation is intended as a ‘kill switch’ and thus performed
-            without prompting
-list_led  - list boards with tested LED signaling support
-test_led  - test the current board for LED signaling support
-
-
-                               USAGE NOTES
-
-If no operation is specified, this program mounts a removable device
-(typically a USB flash drive) containing unsigned MMGen transactions, message
-files, and/or XMR wallet output files, signs them, unmounts the removable
-device and exits.
-
-If invoked with ‘wait’, the program waits in a loop, mounting the removable
-device, performing signing operations and unmounting the device every time it
-is inserted.
-
-The removable device must have a partition with a filesystem labeled MMGEN_TX
-and a user-writable root directory.  For interoperability between OS-es, it’s
-recommended to use the exFAT file system.
-
-On both the signing and online machines the mountpoint ‘{asi.mountpoint}’
-(as currently configured) must exist.  Linux (not macOS) machines must have
-an ‘/etc/fstab’ with the following entry:
-
-    LABEL=MMGEN_TX {asi.mountpoint} auto noauto,user 0 0
-
-Signing is performed with a temporary wallet created in volatile memory in
-the directory ‘{asi.wallet_dir}’ (as currently configured).  The wallet is
-encrypted with a 32-byte password saved in the file ‘autosign.key’ in the
-root of the removable device’s filesystem.
-
-
-                             LED SIGNALING SUPPORT
-
-On supported platforms (selected Orange Pi, Rock Pi, Banana Pi, Nano Pi and
-Raspberry Pi boards), a flashing LED indicates whether signing is in progress
-or the program is in standby mode, i.e. ready for device insertion or removal.
-
-The operation ‘test_led’ tests the current installation for LED support, while
-‘list_led’ displays a list of supported board/OS combinations.  Note that this
-list is not exhaustive: signaling may work with other boards, especially those
-produced by the listed manufacturers.  If ‘test_led’ reports that your board is
-not supported, please submit an issue to the mmgen-wallet repository on Github
-or via e-mail, including the board model, OS version and output of the
-following shell command:
-
-    ls -RH /sys/class/leds/{{*status*,*led*}}
-
-In the absence of LED support, the user must observe the signing progress
-on-screen and wait for the “safe to extract” message to appear.
-
-
-The password and temporary wallet may be created in one operation by invoking
-‘mmgen-autosign setup’ with the removable device inserted.  In this case, the
-temporary wallet is created from the user’s default wallet, if it exists and
-the user so desires.  If not, the user is prompted to enter a seed phrase.
-
-Alternatively, the password and temporary wallet may be created separately by
-first invoking ‘mmgen-autosign gen_key’ and then creating and encrypting the
-wallet using the -P (--passwd-file) option:
-
-    $ mmgen-walletconv -iwords -d{asi.wallet_dir} -p1 -N -P{asi.mountpoint}/autosign.key -Lfoo
-
-Note that the hash preset must be ‘1’.  To use a wallet file as the source
-instead of an MMGen seed phrase, omit the ‘-i’ option and add the wallet
-file path to the end of the command line.  Multiple temporary wallets may
-be created in this way and used for signing (note, however, that for XMR
-operations only one wallet is supported).
-
-Autosigning is currently supported on Linux and macOS only.
-
-
-                               SECURITY NOTE
-
-By placing wallet and password on separate devices, this program creates
-a two-factor authentication setup whereby an attacker must gain physical
-control of both the removable device and signing machine in order to sign
-transactions.  It’s therefore recommended to always keep the removable device
-secure, separated from the signing machine and hidden (in your pocket, for
-example) when not transacting.  In addition, since login access on the
-signing machine is required to steal the user’s seed, it’s good practice
-to lock the signing machine’s screen once the setup process is complete.
-
-As a last resort, cutting power to the signing machine will destroy the
-volatile memory where the temporary wallet resides and foil any attack,
-even if you’ve lost control of the removable device.
-
-Always remember to power off the signing machine when your signing session
-is over.
-"""
+	'notes': '{n_as}'
 	},
 	'code': {
 		'options': lambda s: s.format(
 			asi     = asi,
 			mn_fmts = fmt_list(asi.mn_fmts, fmt='no_spc'),
 		),
-		'notes': lambda s: s.format(asi=asi)
+		'notes': lambda s, help_mod: s.format(
+			n_as = help_mod('autosign', asi=asi))
 	}
 }