Hex Encode signer CLI outputs from StackerDB chunks

[8marz8]

Description

Hex encoding StackerDB chunks before writing to terminal to address audit security issue.

Applicable issues

• closes [stacks-signer] the cli commands for outputting data can be manipulated  #4650

[jferrant]

I think the standard we use when printing binary data to the terminal in the stacks core is to just convert everything to hex (though base64 also works). I think we can just do that. I would hexify it and i think we already have a to_hex function or something like that which shouldbe accessible from the signer. Maybe update the helper messages for each CLI command to indicate that it prints the chunk data in hex

[jcnelson]

Yeah, seconded -- this should be hex or base64. If the user wants to convert to binary, they can pipe it into xxd or base64

[jferrant]

Side note, this will have to be reopened against develop as soon as Brice finishes merging next into develop . See https://nakamotoslack.slack.com/archives/C067BHSN1SL/p1712679342282899

[8marz8]

@jferrant @jcnelson
When I remove the ANSI filtering and only encode to hex, if I pipe the output to xxd, it will still hide the sequence provided in the audit example.
Would it be the user's responsibility to safely read the output?
Just want to ensure that on our end, it's sufficient that we only encode it.

[jferrant]

@jferrant @jcnelson When I remove the ANSI filtering and only encode to hex, if I pipe the output to xxd, it will still hide the sequence provided in the audit example. Would it be the user's responsibility to safely read the output? Just want to ensure that on our end, it's sufficient that we only encode it.

I think it can be the user's responsibility to escape the output :)

[8marz8]

@jferrant Updated the base branch for the PR

[blockstack-devops]

This pull request has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.