This project continues Implementation of a distributed key generation algorithm (Pedersen 91) in C#.
Pedersen 91 algorithm is synchronous by its nature. In dkg-nodes project we provide a wrapper for Pedersen 91 that help to run it in truly asynchronous distributed environment.
Implementation includes two types of entities
-
dkg nodethat is a participant of distributed key generation algorithm.dkg nodeis REST API client and thus does not require any of its resources to be published -
dkg service nodewhich orchestratesdkg nodes.dkg service nodeis REST API server
Parameters
<Name>--dkg nodename, optional, defaults to<GUID><GUID>--dkg nodeGUID, optional. If GUID is not provided, it is autmatically generated upon node start. Note, that with autogenerated GUID the node is considered "different" for each run, while explicitly provided GUID ensures that the node is considered "the same"<Service node URL>-- fully qualified service node URL<Polling interval>-- delay between attempts to get updated algorithm information or command fromservice node, milliseconds. Optional, defaults to 3000 (3 seconds)
Command
docker run --env=DKG_SERVICE_NODE_URL=<Service node URL> --env=DKG_NODE_NAME=<Name> \
--env=DKG_NODE_GUID=<GUID> DKG_NODE_POLLING_INTERVAL=<Polling interval> \
--env=PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \
--env=DOTNET_RUNNING_IN_CONTAINER=true --env=DOTNET_VERSION=8.0.4 --env=ASPNET_VERSION=8.0.4 \
-d ghcr.io/maxirmx/dkg-node:0.5.2
Example
docker run --env=DKG_SERVICE_NODE_URL=http://dkg.samsonov.net:8080 --env=DKG_NODE_NAME=TheNodeAtKreel0 \
--env=DKG_NODE_GUID=ADC13255-AEDB-49F8-869E-153D8A2F0FAE \
--env=PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \
--env=DOTNET_RUNNING_IN_CONTAINER=true --env=DOTNET_VERSION=8.0.4 --env=ASPNET_VERSION=8.0.4 \
-d ghcr.io/maxirmx/dkg-node:0.5.2
We provide a simple GUI to control dkg service node in a separate project.
version: '3.4'
services:
dkgservicenode:
container_name: dkg_service_node
image: ghcr.io/maxirmx/dkg-service-node:latest
environment:
- ASPNETCORE_ENVIRONMENT=Production
- ASPNETCORE_HTTP_PORTS=8080
- ASPNETCORE_HTTPS_PORTS=8081
- ASPNETCORE_Kestrel__Certificates__Default__Path=/etc/dkg/s.pfx
- ASPNETCORE_Kestrel__Certificates__Default__Password=password
ports:
- "8080:8080"
- "8081:8081"
volumes:
- /etc/dkg:/etc/dkg
depends_on:
- dkgservice_db
dkgservice_db:
container_name: dkgservice_db
image: postgres:16.1
restart: unless-stopped
environment:
- POSTGRES_USER=postgres
- POSTGRES_PASSWORD=postgres
- POSTGRES_DB=dkgservice
volumes:
- pgdata:/var/lib/postgresql
dkgfrontend:
container_name: dkg_frontend
image: ghcr.io/maxirmx/dkg-frontend:latest
environment:
- NGINX_SSL_CERTIFICATE_PATH=/etc/nginx/certificate/s.crt
- NGINX_SSL_CERTIFICATE_KEY_PATH=/etc/nginx/certificate/s.key
ports:
- "80:80"
- "443:443"
volumes:
# Certificate and key for Nginx are expected at
# /etc/nginx/certificate/s.crt
# /etc/nginx/certificate/s.key
- /etc/nginx/certificate:/etc/nginx/certificate
volumes:
pgdata: {}
Note that service node setup requires two SSL certificates
For Nginx (front end application)
Certificate public and private keys are expected in fixed locations in front-end container - /etc/nginx/certificate/s.crt and /etc/nginx/certificate/s.key
For Kestrel (service node application)
PKCS#12 (.pfx) file at configurable location defined by ASPNETCORE_Kestrel__Certificates__Default__Path environment variable
Password for PKCS#12 file set at ASPNETCORE_Kestrel__Certificates__Default__Password environment variable
Initial development of this project was financed by NarayanaSupramati