Documentation ¶
Overview ¶
PrivValidator

Package privval implements the BFT validator interface defined in tm2/pkg/bft/types.PrivValidator. The validator's role is to sign votes and proposals for the consensus protocol, ensuring that it never double-signs, even in the case of a crash during the signing process or a malicious attack.

To achieve this, the PrivValidator relies on two components:
- a signer that generates cryptographic signatures for arbitrary byte slices without any checks.
- a state that both stores and verifies the last signature and signed data to prevent double-signing.

Signer

The signer implements the BFT signer interface defined in tm2/pkg/bft/types.Signer. Two implementations are provided in this package:
- a local signer that uses a keypair encoded with amino and persisted to disk (default for gnoland nodes).
- a remote signer that uses a client sending signing requests to a remote signer server.

Both the remote signer client and server are provided in tm2/pkg/bft/privval/signer/remote. The current implementation supports TCP and UNIX socket connections.

TCP connections are secured using the cryptographic handshake defined in tm2/pkg/p2p/conn.MakeSecretConnection, which is an implementation of the STS protocol described in this whitepaper: https://github.com/tendermint/tendermint/blob/0.1/docs/sts-final.pdf
TCP connections can optionally be mutually authenticated using a whitelist of authorized public keys for both the client and the server.

By default, the remote signer client will indefinitely try to connect to the remote signer server for each request it sends. Consequently, a node using a private validator with a remote signer will not fail due to temporary network issues or a crash of the remote signer server.

The remote signer server provided by this package is a generic bridge that takes any types.Signer as a parameter and proxies the client requests to it. Additionally, gnokms is a CLI tool available in contribs/gnokms that aims to provide a remote signer server along with a set of backend signers, including one based on gnokey.

State

The state manager defined in tm2/pkg/bft/privval/state does not implement any interface. It basically keeps track of the last signature and signed data to prevent double-signing. The state is persisted to disk in a file encoded with amino and all checks are performed locally.
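The double-signing guard described in the overview can be sketched as follows. This is an added example, not code from the privval package: signGuarded and lastSign are hypothetical names, the state file is JSON rather than amino, and it assumes signed data is ordered by height, round and step as in Tendermint-style consensus.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"encoding/json"
	"errors"
	"fmt"
	"os"
)

// lastSign is a hypothetical state record (JSON here; the package uses amino).
type lastSign struct {
	Height               int64
	Round, Step          int
	SignBytes, Signature []byte
}

// signGuarded signs msg for height/round/step only if the state file allows it.
func signGuarded(key ed25519.PrivateKey, path string, h int64, r, s int, msg []byte) ([]byte, error) {
	var l lastSign
	raw, err := os.ReadFile(path)
	if err == nil {
		err = json.Unmarshal(raw, &l)
	}
	if err != nil && !errors.Is(err, os.ErrNotExist) {
		return nil, err // unreadable or corrupt state: fail closed
	}
	same := h == l.Height && r == l.Round && s == l.Step && l.Signature != nil
	older := h < l.Height || (h == l.Height && (r < l.Round || (r == l.Round && s < l.Step)))
	if same && bytes.Equal(msg, l.SignBytes) {
		return l.Signature, nil // retry after a crash: replay the stored signature
	} else if same || older {
		return nil, errors.New("refusing to sign: older or conflicting data")
	}
	next := lastSign{h, r, s, msg, ed25519.Sign(key, msg)}
	raw, _ = json.Marshal(next) // cannot fail for this struct
	if err = os.WriteFile(path, raw, 0o600); err != nil { // persist before releasing the signature
		return nil, err
	}
	return next.Signature, nil
}

func main() {
	_, key, _ := ed25519.GenerateKey(nil)
	path := os.TempDir() + "/sign_state_example.json" // constructed sample path
	_, errA := signGuarded(key, path, 10, 0, 1, []byte("block A"))
	_, errB := signGuarded(key, path, 10, 0, 1, []byte("block B"))
	fmt.Println(errA, errB)
}
```

The state is written before the signature is returned, so a crash after the write leads to a replay of the same signature on restart rather than a second, conflicting one. The plain write is not atomic; a truncated state file makes the function refuse to sign until an operator intervenes.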
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewSignerFromConfig ¶
func NewSignerFromConfig(
	ctx context.Context,
	config *PrivValidatorConfig,
	clientPrivKey ed25519.PrivKeyEd25519,
	clientLogger *slog.Logger,
) (types.Signer, error)
NewSignerFromConfig returns a new Signer instance based on the configuration. The ctx and clientLogger are only used for the remote signer client. The clientPrivKey is only used for the remote signer client using a TCP connection.
Types ¶
type PrivValidator ¶
type PrivValidator struct {
// contains filtered or unexported fields
}
PrivValidator signs votes and proposals for the consensus protocol using a signer (which can be either local or remote) and a state file to ensure that the validator never double-signs, even in the case of a crash.
func NewPrivValidator ¶
func NewPrivValidator(signer types.Signer, stateFilePath string) (*PrivValidator, error)
NewPrivValidator returns a new PrivValidator instance with the given signer and state file path. If the state file does not exist, it will be created.
func NewPrivValidatorFromConfig ¶
func NewPrivValidatorFromConfig(
	config *PrivValidatorConfig,
	clientPrivKey ed25519.PrivKeyEd25519,
	clientLogger *slog.Logger,
) (*PrivValidator, error)
NewPrivValidatorFromConfig returns a new PrivValidator instance based on the configuration. The ctx and clientLogger are only used for the remote signer client. The clientPrivKey is only used for the remote signer client using a TCP connection.
func (*PrivValidator) Close ¶
func (pv *PrivValidator) Close() error
Close implements types.PrivValidator.
func (*PrivValidator) PubKey ¶
func (pv *PrivValidator) PubKey() crypto.PubKey
PubKey returns the public key of the private validator signer.
func (*PrivValidator) SignProposal ¶
func (pv *PrivValidator) SignProposal(chainID string, proposal *types.Proposal) error
SignProposal signs a proposal using the private validator's signer and updates the state file to prevent double signing.
func (*PrivValidator) SignVote ¶
func (pv *PrivValidator) SignVote(chainID string, vote *types.Vote) error
SignVote signs a vote using the private validator's signer and updates the state file to prevent double signing.
func (*PrivValidator) String ¶
func (pv *PrivValidator) String() string
String implements fmt.Stringer.
type PrivValidatorConfig ¶
type PrivValidatorConfig struct {
// File path configuration.
RootDir string `json:"home" toml:"home"`
SignState string `` /* 129-byte string literal not displayed */
LocalSigner string `` /* 138-byte string literal not displayed */
// Remote Signer configuration.
RemoteSigner *rsclient.RemoteSignerClientConfig `json:"remote_signer" toml:"remote_signer" comment:"Configuration for the remote signer client"`
}
PrivValidatorConfig defines the configuration for the PrivValidator, with a local or remote signer, including network parameters and filepaths.
func DefaultPrivValidatorConfig ¶
func DefaultPrivValidatorConfig() *PrivValidatorConfig
DefaultPrivValidatorConfig returns a default configuration for the PrivValidator.
func TestPrivValidatorConfig ¶
func TestPrivValidatorConfig() *PrivValidatorConfig
TestPrivValidatorConfig returns a configuration for testing the PrivValidator.
func (*PrivValidatorConfig) LocalSignerPath ¶
func (cfg *PrivValidatorConfig) LocalSignerPath() string
LocalSignerPath returns the complete path for the local signer file.
func (*PrivValidatorConfig) SignStatePath ¶
func (cfg *PrivValidatorConfig) SignStatePath() string
SignStatePath returns the complete path for the sign state file.
func (*PrivValidatorConfig) ValidateBasic ¶
func (cfg *PrivValidatorConfig) ValidateBasic() error
ValidateBasic performs basic validation (checking param bounds, etc.) and returns an error if any check fails.