New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remove genesis signing from Iroha #4225
Comments
This would also mean that genesis should be serialized exactly like a |
after this is implemented @AlexStroke should test that we can bootstrap the network where multiple nodes submit genesis |
Currently we store genesis as JSON without any signature attached to it. So i have few questions/concerns:
|
I think we should store genesis as json, have kagami sign it and then place the signed one it somewhere where iroha will pick it up. The signed genesis can be encoded as SCALE |
Correct me if I am wrong. From the point of view of configuration, the change will be:
|
Yes. Also multiple peers will be able to submit genesis |
also make sure to update |
what if peers have different genesis files but correctly signed with the expected private key? what if |
we can't prevent that. We can pursue some resolution tactic but I don't think we should
every peer knows genesis public key so once they receive the genesis they will verify if it was indeed signed by the correct key. In other words, this cannot happen |
I mean from their perspective it would be valid, imagine isolated sets of peers with distinct public key configured and corresponding genesis file attached But generally the answer is clear, thanks |
I was scratching my head on this topic and also on the topic of chain-wide configuration (#4028). I have came to the following vision, and you are welcome to find flaws in it. First of all, I incline towards having the genesis block provided to each peer before it even starts gossiping with other peers. Therefore, I am so far against the idea of starting a network with no blocks at all and then awaiting for it from a client. It has many complications:
Instead, I think it is simpler to continue with supplying the genesis block on Iroha startup. So, here is my vision on how to solve multiple problems (remove genesis signing and make chain-wide config purely on-chain).
|
Genesis should be signed offline and given to Iroha through config. This way no peer needs to know about genesis private key. The functionality to sign genesis (or any) transaction could be placed into
kagami
. Also this would remove the--submit-genesis
from the start args because genesis could just be picked up through configThe text was updated successfully, but these errors were encountered: