Update demo steps for configuring TMKMS

docs/demo.md

@@ -4,12 +4,228 @@
 
 - [ansible](playbooks/README.md#ansible-installation)
 - [laconic-so](https://github.com/cerc-io/stack-orchestrator/?tab=readme-ov-file#install)
+- [tmkms](https://github.com/iqlusioninc/tmkms?tab=readme-ov-file#installation)
+  - Install with `softsign` feature
+    ```bash
+    cargo install tmkms --features=softsign --version=0.14.0
+    ```
+- testnet-state.json ([exported testnet state](./run-first-validator.md#export-testnet-state)) 
+- distribution.json (JSON containing the `lps_lockup` distribution)
 
-## Run node
+## Steps
 
-- Follow these steps to run first validator node: [run-first-validator.md](./run-first-validator.md)
+- In current working directory demo, keep exported `testnet-state.json` and `distribution.json` file from prerequisites
 
-- Following steps can be used to run subsequent validator nodes
+- Fetch stack:
+
+  ```bash
+  laconic-so fetch-stack git.vdb.to/cerc-io/laconicd-stack --git-ssh --pull
+  ```
+
+- Export current working directory
+
+  ```bash
+  export CWD=$(pwd)
+  ```
+
+- Set envs:
+
+  ```bash
+  export EXPORTED_STATE_PATH=$CWD/testnet-state.json
+  export LPS_DISTRIBUTION_PATH=$CWD/distribution.json
+
+  # Test address that does not exist on testnet chain
+  export EARLY_SUPPORTS_ACC_ADDR=laconic1gwytamfk3m5n0gsawh5vpwxkwd3vapmvzpp6nz
+  ```
+
+- Copy the example variables file:
+
+  ```bash
+  cp ~/cerc/laconicd-stack/playbooks/first-validator/first-validator-vars.example.yml ~/cerc/laconicd-stack/playbooks/first-validator/first-validator-vars.yml
+  ```
+
+- Run playbook to use exported state for generating mainnet genesis:
+
+  ```bash
+  ansible-playbook -v -i localhost, -c local ~/cerc/laconicd-stack/playbooks/first-validator/generate-genesis.yml -e "exported_state_path=$EXPORTED_STATE_PATH" -e "lps_distribution_path=$LPS_DISTRIBUTION_PATH" -e "early_supports_acc_address=$EARLY_SUPPORTS_ACC_ADDR"
+  ```
+
+- Genesis file will be generated in output directory along with a file specifying the staking amount
+
+  ```bash
+  # List files in output directory - genesis.json and staking-amount.json
+  ls -l output
+  ```
+
+- Set env for key of account with balance in testnet:
+
+  ```bash
+  export FIRST_ACCOUNT_KEY=<KEY_OF_ACCOUNT_WITH_BALANCE_IN_TESTNET>
+  ```
+
+- Create and populate first-validator-vars.yml:
+
+  ```bash
+  cat > ~/cerc/laconicd-stack/playbooks/first-validator/first-validator-vars.yml << EOL
+  # Use a private key of an existing account with balance in testnet
+  pvt_key: $FIRST_ACCOUNT_KEY
+
+  # Path to the generated mainnet genesis file
+  # Use the absolute path of generated output directory in the previous steps
+  genesis_file: "$CWD/output/genesis.json"
+
+  # Path to staking-amount.json generated in previous steps
+  staking_amount_file: "$CWD/output/staking-amount.json"
+
+  # Set custom moniker for the node
+  cerc_moniker: "LaconicMainnet"
+  # Set desired key name
+  key_name: "laconic-validator"
+  
+  cerc_chain_id: "laconic-mainnet"
+  min_gas_price: 0.001
+  cerc_loglevel: "info"
+  key_name: "laconic-validator"
+  EOL
+  ```
+
+- Export the data directory and mainnet deployment directory as environment variables:
+
+  ```bash
+  # Parent directory where the deployment directory will live
+  export DATA_DIRECTORY=$CWD
+
+  # Set mainnet deployment directory
+  export MAINNET_DEPLOYMENT_DIR=mainnet-laconicd-deployment
+  ```
+
+- Run ansible playbook to submit gentx and setup the node:
+
+  ```bash
+  ansible-playbook -v -i localhost, -c local ~/cerc/laconicd-stack/playbooks/first-validator/setup-first-validator.yml
+  ```
+
+- Create tmks config directory for first validator node
+
+  ```bash
+  tmkms init ./tmkms-first-node
+  ```
+
+- Update the TMKMS configuration file `./tmkms-first-node/tmkms.toml`:
+
+  ```bash
+  cat > ./tmkms-first-node/tmkms.toml << EOL
+  [[chain]]
+  id = "laconic-mainnet"
+  key_format = { type = "bech32", account_key_prefix = "laconicpub", consensus_key_prefix = "laconicvalconspub" }
+  state_file = "$CWD/tmkms-first-node/state/priv_validator_state.json"
+
+  [[validator]]
+  chain_id = "laconic-mainnet"
+  addr = "tcp://localhost:26659"
+  secret_key = "$CWD/tmkms-first-node/secrets/kms-identity.key"
+  protocol_version = "v0.34"
+  reconnect = true
+
+  [[providers.softsign]]
+  key_type = "consensus"
+  path = "$CWD/tmkms-first-node/secrets/priv_validator_key"
+  chain_ids = ["laconic-mainnet"]
+  EOL
+  ```
+
+- Import the private validator key into tmkms:
+  
+  ```bash
+  tmkms softsign import $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json $CWD/tmkms-first-node/secrets/priv_validator_key
+  ```
+
+- Start TMKMS:
+  ```bash
+  tmkms start --config $CWD/tmkms-first-node/tmkms.toml
+  ```
+
+- In a new terminal export envs
+  ```bash
+  export CWD=$(pwd)
+  export DATA_DIRECTORY=$CWD
+  export MAINNET_DEPLOYMENT_DIR=mainnet-laconicd-deployment
+
+  # Test address that does not exist on testnet chain
+  export EARLY_SUPPORTS_ACC_ADDR=laconic1gwytamfk3m5n0gsawh5vpwxkwd3vapmvzpp6nz
+  ```
+
+- Enable TMKMS in the laconicd node configuration:
+  ```bash
+  echo "TMKMS_ENABLED=true" >> $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/config.env
+  ```
+
+- Remove the validator key from node deployment as it is no longer required
+  ```bash
+  rm $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json
+  ```
+
+- Run the first validator node
+
+  ```bash
+  laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR start
+  ```
+
+- Check logs to ensure that node is running:
+
+  ```bash
+  laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR logs laconicd -f
+  ```
+
+- Check that the validator pubkey is different from the key generated in config directory
+  ```bash
+  # Check consensus_pubkey in output
+  laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd 'laconicd query staking validators -o json | jq .validators'
+
+  # Check pub_key in output
+  sudo cat $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json
+  ```
+  NOTE: Validator key file is generated by `laconicd start` command if it does not exist, but it is not used since TMKMS is configured
+
+- Check bonds list to confirm that testnet state was transferred properly:
+
+  ```bash
+  laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd 'laconicd query bond list'
+  ```
+
+- Check `alps` and `alnt` tokens total supply:
+
+  ```bash
+  laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd 'laconicd query bank total-supply'
+  ```
+
+- Query the `lps_lockup` account and view distribution:
+
+  ```bash
+  laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd 'laconicd query auth module-account lps_lockup'
+  ```
+
+- Query the `lps_lockup` and early supports accounts balances:
+
+  ```bash
+  lockup_account_address=$(laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd 'laconicd query auth module-account lps_lockup -o json | jq -r .account.value.base_account.address')
+
+  laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd "laconicd query bank balances $lockup_account_address"
+
+  laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd "laconicd query bank balances $EARLY_SUPPORTS_ACC_ADDR"
+  ```
+
+- Copy the genesis file to [config](./config) folder:
+
+  ```bash
+  cp $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/genesis.json ~/cerc/laconicd-stack/config/mainnet-genesis.json
+  ```
+
+- Copy the staking amount file to [config](./config) folder:
+
+  ```bash
+  cp $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/tmp/staking-amount.json ~/cerc/laconicd-stack/config/staking-amount.json
+  ```
 
 - Copy the example variables file:
 
@@ -23,8 +239,6 @@
   laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd 'echo $(laconicd cometbft show-node-id)@host.docker.internal:26656'
   ```
 
-  NOTE: Make sure that DATA_DIRECTORY and MAINNET_DEPLOYMENT_DIR values are that of first validator deployment
-
 - Update `cerc_peers` in `~/cerc/laconicd-stack/playbooks/validator/validator-vars.yml`:
 
   ```bash
@@ -37,11 +251,10 @@
 
   ```bash
   # Parent directory where the deployment directory will live
-  export DATA_DIRECTORY=
+  export DATA_DIRECTORY=$CWD
 
   # Set mainnet deployment directory
-  # for eg: mainnet-validator-deployment
+  export MAINNET_DEPLOYMENT_DIR=mainnet-validator-deployment
-  export MAINNET_DEPLOYMENT_DIR=
   ```
 
 - Update port mappings in `~/cerc/laconicd-stack/playbooks/validator/templates/specs/spec-template.yml.j2` to avoid port conflicts with first validator node:
@@ -51,6 +264,7 @@
     ports:
       laconicd:
         - '3060:6060'
+        - '36659:26659'
         - '36657:26657'
         - '36656:26656'
         - '3473:9473'
@@ -58,10 +272,67 @@
         - '3317:1317'
   ```
 
-- Run ansible playbook to set up and start your validator node:
+- Run ansible playbook to set up your validator node deployment:
 
   ```bash
-  ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/validator/run-validator.yml
+  ansible-playbook -v -i localhost, -c local ~/cerc/laconicd-stack/playbooks/validator/setup-validator.yml
+  ```
+
+- Create tmks config directory for second validator node
+
+  ```bash
+  tmkms init ./tmkms-second-node
+  ```
+
+- Update the TMKMS configuration file `./tmkms-second-node/tmkms.toml`:
+
+  ```bash
+  cat > ./tmkms-second-node/tmkms.toml << EOL
+  [[chain]]
+  id = "laconic-mainnet"
+  key_format = { type = "bech32", account_key_prefix = "laconicpub", consensus_key_prefix = "laconicvalconspub" }
+  state_file = "$CWD/tmkms-second-node/state/priv_validator_state.json"
+
+  [[validator]]
+  chain_id = "laconic-mainnet"
+  addr = "tcp://localhost:36659"
+  secret_key = "$CWD/tmkms-second-node/secrets/kms-identity.key"
+  protocol_version = "v0.34"
+  reconnect = true
+
+  [[providers.softsign]]
+  key_type = "consensus"
+  path = "$CWD/tmkms-second-node/secrets/priv_validator_key"
+  chain_ids = ["laconic-mainnet"]
+  EOL
+  ```
+
+- Import the private validator key into tmkms:
+    
+  ```bash
+  tmkms softsign import $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json $CWD/tmkms-second-node/secrets/priv_validator_key
+  ```
+
+- Start TMKMS:
+  ```bash
+  tmkms start --config $CWD/tmkms-second-node/tmkms.toml
+  ```
+
+- In a new terminal export envs
+  ```bash
+  export CWD=$(pwd)
+  export DATA_DIRECTORY=$CWD
+  export MAINNET_DEPLOYMENT_DIR=mainnet-validator-deployment
+  ```
+
+- Enable TMKMS in the laconicd node configuration:
+  ```bash
+  echo "TMKMS_ENABLED=true" >> $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/config.env
+  ```
+
+- Start the node:
+  ```bash
+  laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR start
   ```
 
 - Check logs to ensure that node is running:
@@ -70,26 +341,20 @@
   laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR logs laconicd -f
   ```
 
-## Create Validator
+- Export required env vars for creating validator:
-
-- Export required env vars:
 
   ```bash
-  # private key of the existing account
+  # private key of another existing account with balance
   export PVT_KEY=<private-key-in-hex-format>
 
   # desired key name
-  export KEY_NAME=<key-name>
+  export KEY_NAME=validator-2
-
-  export DATA_DIRECTORY=<data-directory>
-  export MAINNET_DEPLOYMENT_DIR=<mainnet-deployment-dir>
   ```
 
 - Run ansible playbook to create validator on running chain:
 
-  <!-- TODO: Use OS keyring -->
   ```bash
-  ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/validator/create-validator.yml
+  ansible-playbook -v -i localhost, -c local ~/cerc/laconicd-stack/playbooks/validator/create-validator.yml
   ```
 
 - Check the validator list:
@@ -97,3 +362,16 @@
   ```bash
   laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd 'laconicd query staking validators'
   ```
+
+- Remove the validator key from node deployment as it is no longer required
+  ```bash
+  rm $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json
+  ```
+
+## Cleanup
+
+- Remove deployments and other config files
+
+  ```bash
+  rm -rf *-spec.yml *-deployment tmkms-* output
+  ```

docs/run-first-validator.md

@@ -5,7 +5,7 @@
 - [ansible](playbooks/README.md#ansible-installation)
 - [laconic-so](https://github.com/cerc-io/stack-orchestrator/?tab=readme-ov-file#install)
 
-## Generate mainnet genesis file
+## Export testnet state
 
 - Get your private key from testnet deployment:
 
@@ -35,6 +35,8 @@
 
   - The file will be generated in `<absolute-path-to-testnet-deployment>/export/testnet-state.json`
 
+## Generate mainnet genesis file
+
 - If mainnet node is to be setup in a new machine, fetch the stack again:
 
   ```bash
@@ -126,6 +128,7 @@
 - Set `$TMKMS_HOME` to the directory path containing TMKMS config files
 
   ```bash
+  # Contents of tmkms config directory
   ls -l $TMKMS_HOME
   drwxrwxr-x 2 ... schema
   drwx------ 2 ... secrets
@@ -133,7 +136,7 @@
   -rw-rw-r-- 1 ... tmkms.toml
   ```
 
-- Update the TMKMS configuration file (usually located at `$TMKMS_HOME/tmkms.toml`):
+- Update the TMKMS configuration file `$TMKMS_HOME/tmkms.toml`:
   ```toml
   [[chain]]
   id = "laconic-mainnet"
@@ -180,12 +183,20 @@
   tmkms start --config $TMKMS_HOME/tmkms.toml
   ```
 
-- Enable TMKMS in the node configuration:
+- Enable TMKMS in the laconicd node configuration:
   ```bash
   # Set TMKMS_ENABLED to true in the node's config.env
   echo "TMKMS_ENABLED=true" >> $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/config.env
   ```
 
+- Remove the validator key from node deployment as it is no longer required
+
+  ```bash
+  rm $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json
+  ```
+
+  NOTE: Store it safely offline in case of an emergency
+
 ## Run node
 
 - Command to run node
@@ -200,13 +211,18 @@
   laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR logs laconicd -f
   ```
 
-- Remove the validator key from node deployment as it is no longer required
+- If TMKMS has been configured verify that validator key file generated in config directory is not being used
 
-  ```bash
+  - `laconicd start` command generates a new validator key file if it does not exist (in TMKMS configuration, we remove the validator key file)
-  rm $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json
-  ```
 
-  NOTE: Store it safely offline in case of an emergency
+  - Compare and verify that the current validator pubkey and that of newly generated validator key are not same
+    ```bash
+    # Check consensus_pubkey in output
+    laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd 'laconicd query staking validators -o json | jq .validators'
+
+    # Check pub_key in output
+    sudo cat $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json
+    ```
 
 - Check bonds list to confirm that testnet state was transferred properly:
 
@@ -246,7 +262,7 @@
 - Copy the staking amount file to [config](./config) folder:
 
   ```bash
-  cp <absolute-path-to-generated-output-dir>/staking-amount.json ~/cerc/laconicd-stack/config/staking-amount.json
+  cp $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/tmp/staking-amount.json ~/cerc/laconicd-stack/config/staking-amount.json
   ```
 
 - Get your node's address:

docs/run-validator.md

@@ -5,7 +5,7 @@
 - [ansible](playbooks/README.md#ansible-installation)
 - [laconic-so](https://github.com/cerc-io/stack-orchestrator/?tab=readme-ov-file#install)
 
-## Run node
+## Setup Node
 
 - Get your private key from testnet deployment:
 
@@ -57,14 +57,90 @@
   export MAINNET_DEPLOYMENT_DIR=
   ```
 
-- Run ansible playbook to set up and start your validator node:
+- Run ansible playbook to set up your validator node deployment:
 
   ```bash
-  ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/validator/run-validator.yml
+  ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/validator/setup-validator.yml
+  ```
+
+### Setup TMKMS (Optional but Recommended)
+
+<!-- Reference: https://docs.osmosis.zone/osmosis-core/keys/tmkms/#setup-tmkms -->
+
+- For integrating existing TMKMS with laconicd, follow steps below in the machine where TMKMS is setup
+
+- Set `$TMKMS_HOME` to the directory path containing TMKMS config files
+
+  ```bash
+  # Contents of tmkms config directory
+  ls -l $TMKMS_HOME
+  drwxrwxr-x 2 ... schema
+  drwx------ 2 ... secrets
+  drwxrwxr-x 2 ... state
+  -rw-rw-r-- 1 ... tmkms.toml
+  ```
+
+- Update the TMKMS configuration file `$TMKMS_HOME/tmkms.toml`:
+  ```toml
+  [[chain]]
+  id = "laconic-mainnet"
+  key_format = { type = "bech32", account_key_prefix = "laconicpub", consensus_key_prefix = "laconicvalconspub" }
+  # Replace <TMKMS_HOME> with absolute path to tmkms config directory
+  state_file = "<TMKMS_HOME>/state/priv_validator_state.json"
+
+  [[validator]]
+  chain_id = "laconic-mainnet"
+  # Replace <NODE_IP> with actual IP address of the laconicd node
+  addr = "tcp://<NODE_IP>:26659"
+  # Replace <TMKMS_HOME> with absolute path to tmkms config directory
+  secret_key = "<TMKMS_HOME>/secrets/kms-identity.key"
+  protocol_version = "v0.34"
+  reconnect = true
+
+  [[providers.softsign]]
+  key_type = "consensus"
+  # Replace <TMKMS_HOME> with absolute path to tmkms config directory
+  path = "<TMKMS_HOME>/secrets/priv_validator_key"
+  chain_ids = ["laconic-mainnet"]
+  ```
+
+- Copy your validator key to TMKMS:
+
+  - The validator key in laconicd node deployment is present at `$DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json`
+
+  - Place the validator key file in TMKMS config directory at `$TMKMS_HOME/secrets/`
+
+  - Import the private validator key into tmkms:
+    
+    ```bash
+    tmkms softsign import $TMKMS_HOME/secrets/priv_validator_key.json $TMKMS_HOME/secrets/priv_validator_key
+    ```
+  
+  - Remove the JSON key file
+    
+    ```bash
+    rm $TMKMS_HOME/secrets/priv_validator_key.json
+    ```
+
+- Start TMKMS:
+  ```bash
+  tmkms start --config $TMKMS_HOME/tmkms.toml
+  ```
+
+- Enable TMKMS in the laconicd node configuration:
+  ```bash
+  # Set TMKMS_ENABLED to true in the node's config.env
+  echo "TMKMS_ENABLED=true" >> $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/config.env
+  ```
+
+## Start Node
+
+- Start the laconicd node:
+  ```bash
+  laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR start
   ```
 
 - Check logs to ensure that node is running:
-
   ```bash
   laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR logs laconicd -f
   ```
@@ -86,7 +162,6 @@
 
 - Run ansible playbook to create validator on running chain:
 
-  <!-- TODO: Use OS keyring -->
   ```bash
   ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/validator/create-validator.yml
   ```
@@ -97,6 +172,13 @@
   laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd 'laconicd query staking validators'
   ```
 
+- If TMKMS has been configured, remove the validator key from node deployment as it is no longer required:
+  ```bash
+  rm $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json
+  ```
+
+  NOTE: Store it safely offline in case of an emergency
+
 ## Register Your Node
 
 - Get your node's address:

playbooks/validator/setup-validator.yml

@@ -1,5 +1,5 @@
 ---
-- name: Run mainnet validator node
+- name: Setup mainnet validator node
   hosts: localhost
   vars_files:
     - validator-vars.yml
@@ -33,7 +33,7 @@
 
     - name: Build container images
       shell: |
-        laconic-so --stack ~/cerc/laconicd-stack/stack-orchestrator/stacks/mainnet-laconicd build-containers
+        laconic-so --stack ~/cerc/laconicd-stack/stack-orchestrator/stacks/mainnet-laconicd build-containers --force-rebuild
 
     - name: Create deployment spec file
       shell: |
@@ -76,6 +76,11 @@
         dest: "{{data_directory}}/{{ mainnet_deployment_dir }}/data/laconicd-data/tmp/genesis.json"
         mode: '0644'
 
-    - name: Run validator node
+    - name: Initialize laconicd node
       shell: |
-        laconic-so deployment --dir {{data_directory}}/{{ mainnet_deployment_dir }} start
+        docker run -i \
+          -v {{data_directory}}/{{ mainnet_deployment_dir }}/data/laconicd-data:/root/.laconicd \
+          -v {{data_directory}}/{{ mainnet_deployment_dir }}/config/mainnet-laconicd:/scripts \
+          -e "CERC_MONIKER={{ cerc_moniker }}" \
+          -e "CERC_CHAIN_ID={{ cerc_chain_id }}" \
+          cerc/laconicd:local bash -c "/scripts/setup-laconicd.sh"

stack-orchestrator/compose/docker-compose-mainnet-laconicd.yml

@@ -13,6 +13,7 @@ services:
     volumes:
       - laconicd-data:/root/.laconicd
       - ../config/mainnet-laconicd/run-laconicd.sh:/opt/run-laconicd.sh
+      - ../config/mainnet-laconicd/setup-laconicd.sh:/scripts/setup-laconicd.sh
       - ../config/mainnet-laconicd/create-validator.sh:/scripts/create-validator.sh
     ports:
       - "6060"

stack-orchestrator/config/mainnet-laconicd/create-and-collect-gentx.sh

@@ -4,7 +4,6 @@ set -e
 
 NODE_HOME=/root/.laconicd
 genesis_file_path=$NODE_HOME/config/genesis.json
-# TODO: Set to OS keyring backend
 KEYRING="test"
 
 if [ -f "$genesis_file_path" ]; then
@@ -46,7 +45,7 @@ laconicd config set client keyring-backend $KEYRING
 laconicd init $MONIKER --chain-id=$CHAIN_ID --home $NODE_HOME
 
 # Make config directory accessible without root permissions in docker host
-chmod -R 777 $$NODE_HOME/config
+chmod -R 777 $NODE_HOME/config
 
 # Copy over provided genesis config
 cp $input_genesis_file $genesis_file_path

stack-orchestrator/config/mainnet-laconicd/run-laconicd.sh

@@ -15,24 +15,12 @@ if [ ! -f ${input_genesis_file} ]; then
 fi
 
 echo "Env:"
-echo "Moniker: $CERC_MONIKER"
-echo "Chain Id: $CERC_CHAIN_ID"
 echo "Persistent peers: $CERC_PEERS"
 echo "Min gas price: $MIN_GAS_PRICE"
 echo "Log level: $CERC_LOGLEVEL"
 echo "TMKMS enabled: $TMKMS_ENABLED"
 
-# Set chain id in config
+/scripts/setup-laconicd.sh
-laconicd config set client chain-id $CERC_CHAIN_ID --home $NODE_HOME
-
-# Check if node data dir already exists
-if [ -z "$(ls -A "$NODE_HOME/data")" ]; then
-  # Init node
-  echo "Initializing a new laconicd node with moniker $CERC_MONIKER and chain id $CERC_CHAIN_ID"
-  laconicd init $CERC_MONIKER --chain-id=$CERC_CHAIN_ID --home $NODE_HOME
-else
-  echo "Node data dir $NODE_HOME/data already exists, skipping initialization..."
-fi
 
 # Use provided config files
 cp $input_genesis_file $NODE_HOME/config/genesis.json

stack-orchestrator/config/mainnet-laconicd/setup-laconicd.sh

@@ -0,0 +1,29 @@
+#!/bin/bash
+
+if [[ -n "$CERC_SCRIPT_DEBUG" ]]; then
+  set -x
+fi
+
+set -e
+
+NODE_HOME=/root/.laconicd
+
+echo "Env:"
+echo "Moniker: $CERC_MONIKER"
+echo "Chain Id: $CERC_CHAIN_ID"
+
+# Set chain id in config
+laconicd config set client chain-id $CERC_CHAIN_ID --home $NODE_HOME
+
+# Check if node data dir already exists
+if [ -z "$(ls -A "$NODE_HOME/data")" ]; then
+  # Init node
+  echo "Initializing a new laconicd node with moniker $CERC_MONIKER and chain id $CERC_CHAIN_ID"
+  laconicd init $CERC_MONIKER --chain-id=$CERC_CHAIN_ID --home $NODE_HOME
+  
+  # Make config directory accessible without root permissions in docker host
+  chmod -R 777 $NODE_HOME/config
+else
+  echo "Node data dir $NODE_HOME/data already exists, skipping initialization..."
+fi
+