-
Couldn't load subscription status.
- Fork 0
Setup
This guide will try to show the different steps to run a signer node.
To simplifies things a little bit, this guide assumes that :
-
A tezos node is already available
-
An ethereum node is already running
-
In memory keys will be used
-
Docker will be used
Create a volume, to make backups and migrations easier
docker volume create ipfs_volume
Run ipfs
docker run -d --name ipfs --network="signer" --network-alias=ipfs \ -v ipfs_volume:/data/ipfs/:rw \ -e IPFS_PROFILE=server \ -p 127.0.0.1:5001:5001 -p 0.0.0.0:4001:4001/tcp -p 0.0.0.0:4001:4001/udp -p 0.0.0.0:8080:8080 \ ipfs/go-ipfs:v0.8.0 \ daemon --migrate=true --enable-pubsub-experiment=true --enable-namesys-pubsub=true
Create an specific key for wrap protocol usage
docker exec ipfs ipfs key gen wrap_key
Backup the key
this key is very important, as it is your identifier inside the quorum contract. Make sure to backup it in a safe place. To export your key :
-
The key can can only be backed up if ipfs is not running, so :
docker stop ipfs -
Extracts the key:
docker run --rm \ -v ipfs_volume:/data/ipfs:rw \ -v "${PWD}":/export \ ipfs/go-ipfs:v0.8.0 key export -o /export/wrap_key.key wrap_key -
Backup the
wrap_key.keyfile in a safe location -
Restart ipfs :
docker start ipfs
|
ℹ️
|
There is obviously more to be said about fine tuning an IPFS node. For intance, how to limit bandwith, or not participating in DHT. This topics are best covered directly in ipfs doc. To mount a specific configuration file for ipfs daemon, you can add this to your docker run command : --mount type=bind,source=<custom config file path>,target=/data/ipfs/config |
Create a docker volume
docker volume create signer_volume
Create env file
Create a file named signer.env containing:
Ethereum__Node__Endpoint=(1) Ethereum__Node__Confirmations=10 Ethereum__LockingContract=0x0cFa220dDA04DA22754baA1929798ec5E01A3483 Ethereum__InitialLevel=8203973 Ethereum__Signer__Key=(2) Tezos__QuorumContract=KT1C5ftQmsS41bwS5wQKWRmEhUCyfk6kan2S Tezos__MinterContract=KT1RjHY3G7omtaohqnkEqCybQ73BqFeHkZh1 Tezos__InitialLevel=98541 Tezos__Node__ChainId=NetXSgo1ZT2DRUG Tezos__Node__Endpoint=https://edonet.smartpy.io Tezos__Node__Confirmations=10 Tezos__Signer__Key=(3) IPFS__Endpoint=http://ipfs:5001 IPFS__KeyName=wrap_key
-
Ethereum node endpoint: eg http://localhost:8545
-
Ethereum private key, hex encoded
-
Tezos base58 private key. only manages ed25519
|
ℹ️
|
This configuration sample targets edo2net contracts. It way be outdated by the time you will read it. |
Run signer node
docker run -d --name signer_node --network="signer" \ -v signer_volume:/Data/:rw \ -p 127.0.0.1:5000:80 \ --env-file signer.env \ benderlabs/wrap.signer:v0.6.2
Extract your quorum member informations
curl http://localhost:5000/keys
This was the simplest setup that could possibly work. To dig a little bit deeper, you can :
-
try to use a cloud HSM AWS KMS or Azure key vault
-
explore what operations are expected from a quorum member