# Run Validator Node ## Prerequisites - To fetch laconicd-stack: ```bash laconic-so fetch-stack git.vdb.to/cerc-io/laconicd-stack --git-ssh --pull ``` - Machine 1: Where the SAPO testnet node is already running - Machine 2: Where the mainnet validator node is to be setup - laconicd-stack - [ansible](playbooks/README.md#ansible-installation) - Mainnet genesis file in [config](./config) folder - Machine 3: Where the create-validator transaction is to be signed - laconicd-stack - [ansible](playbooks/README.md#ansible-installation) - Staking amount file in [config](./config) folder - Machine 4: Where the TMKMS service is to be setup - laconicd-stack - [ansible](playbooks/README.md#ansible-installation) - [laconic-so](https://github.com/cerc-io/stack-orchestrator/?tab=readme-ov-file#install) is required in all machines ## Stop SAPO testnet node - Run the following steps in machine where the testnet node is already running (machine 1) - Get your private key from testnet deployment: ```bash laconic-so deployment --dir exec laconicd "laconicd keys export --unarmored-hex --unsafe" ``` NOTE: Store this key securely as it is needed in [later steps](#create-validator) - Stop the node for SAPO testnet: ```bash laconic-so deployment --dir stop ``` ## Build laconicd to create validator - Run the following steps in a secure machine (machine 3) separate from the one where the node is to be setup (machine 2) - Run playbook to build laconicd container: ```bash ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/validator/build-laconicd.yml ``` ## Setup Node - Run the following steps in the machine where the validator node is to be setup (machine 2) - Copy the example variables file: ```bash cp ~/cerc/laconicd-stack/playbooks/validator/validator-vars.example.yml ~/cerc/laconicd-stack/playbooks/validator/validator-vars.yml ``` - Update `~/cerc/laconicd-stack/playbooks/validator/validator-vars.yml` with required values: ```bash # Set custom moniker for the node cerc_moniker: "" # Set persistent peers (comma-separated list of node IDs and addresses) # You can find the list of available peers in https://git.vdb.to/cerc-io/laconicd-stack/src/branch/main/node-addresses.yml cerc_peers: "@:26656,@:26656" # Enable TMKMS tmkms_enabled: true ``` - Export the data directory and mainnet deployment directory as environment variables: ```bash # Parent directory where the deployment directory will live export DATA_DIRECTORY= # Set mainnet deployment directory export MAINNET_DEPLOYMENT_DIR=mainnet-validator-deployment ``` - Run ansible playbook to set up your validator node deployment: ```bash ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/validator/setup-validator.yml ``` - Copy over the `priv_validator_key.json` located at `$DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json` to the machine where the TMKMS service is to be setup (machine 4) ```bash # Example command to transfer file from machine 2 to machine 4 (run on machine 2) scp -C $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json @: ``` ## Setup TMKMS - For integrating TMKMS with laconicd, follow steps below in the machine where the TMKMS service is to be setup (machine 4) - Export the data directory as environment variable: ```bash # Parent directory where the deployment directory will live export DATA_DIRECTORY= ``` - Run ansible playbook to setup the TMKMS service: ```bash ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/tmkms/setup-tmkms.yml ``` ## Run Node ### Start TMKMS - Run the following steps in the machine where [the TMKMS service is setup (Machine 4)](#setup-tmkms) - Copy the example variables file: ```bash cp ~/cerc/laconicd-stack/playbooks/tmkms/tmkms-vars.example.yml ~/cerc/laconicd-stack/playbooks/tmkms/tmkms-vars.yml ``` - Update `~/cerc/laconicd-stack/playbooks/tmkms/tmkms-vars.yml` with required values: NOTE: Use the `priv_validator_key.json` file copied from the node setup machine (Machine 2) in [previous step](#setup-node) ```yaml # Absolute path to the node's private validator key file priv_validator_key_file_path: "" # Set the IP address of the machine where the laconicd node is setup node_ip: "" # Set the port of the laconicd node node_port: "26659" ``` - Run ansible playbook to run the TMKMS: ```bash ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/tmkms/run-tmkms.yml ``` - Check logs to ensure that TMKMS is running: ```bash laconic-so deployment --dir $DATA_DIRECTORY/tmkms-deployment logs tmkms -f ``` - Expected example output: ```bash INFO tmkms::commands::start: tmkms 0.14.0 starting up... INFO tmkms::keyring: [keyring:softsign] added consensus Ed25519 key: {"@type":"/cosmos.crypto.ed25519.PubKey","key":"T24No1A1FmetNRVCOSg2G2XAKWh97oBXuELdAD6DFgw="} INFO tmkms::connection::tcp: KMS node ID: 7f5fd8dae8953e964e7e56edd4700f597ea0d45c ERROR tmkms::client: [laconic-mainnet@:26659] I/O error: Connection refused (os error 111) ``` NOTE: The errors dissapear once the laconicd node starts - Note the pubkey logged at start for comparing later with validator pubkey on chain ### Start Node - Run the following steps in the machine where [the validator node is setup (machine 2)](#setup-node) - Start the laconicd node: ```bash laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR start ``` - Check logs to ensure that node is running: ```bash laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR logs laconicd -f ``` NOTE: The node takes a long time to start syncing blocks `~40 seconds`. - Get the public key of your node: ```bash laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd "laconicd tendermint show-validator" ``` NOTE: This public key is required in next step to create validator ## Create Validator - Run these steps in a machine from where [the create-validator transaction is to be signed (machine 3)](#build-laconicd-to-create-validator) - Copy the example variables file: ```bash cp ~/cerc/laconicd-stack/playbooks/validator/validator-vars.example.yml ~/cerc/laconicd-stack/playbooks/validator/validator-vars.yml ``` - Update `~/cerc/laconicd-stack/playbooks/validator/validator-vars.yml` with required values: NOTE: Use the public key exported in [previous step](#start-node) ```bash # Set the public IP address of the machine where your node is running node_url: "tcp://NODE_PUBLIC_IP_ADDRESS:26657" # Make sure to wrap it with single quotes ('') validator_pub_key: '' # Same moniker as set above cerc_moniker: "" ``` - Set a directory path required by the playbook to create validator (used temporarily): ```bash export DATA_DIRECTORY= ``` - Run ansible playbook to create a validator in the running chain: ```bash ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/validator/create-validator.yml ``` - Input private key of the existing account that was exported in [previous steps](#stop-sapo-testnet-node) when prompted - Run the following commands in the machine where the validator node is running (machine 2) - Check the validator list: ```bash laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd 'laconicd query staking validators' ``` - Remove the validator key from node deployment as TMKMS is configured: NOTE: Store it safely offline in case of an emergency ```bash rm -rf $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json ``` ## Update config - Run following steps to update the config for TMKMS and node ### TMKMS - Run these steps in the machine where the TMKMS service is setup (machine 4) - Stop the TMKMS deployment: ```bash laconic-so deployment --dir $DATA_DIRECTORY/tmkms-deployment stop ``` - Update `~/cerc/laconicd-stack/playbooks/tmkms/tmkms-vars.yml` with required values - Run ansible playbook to run the TMKMS: ```bash ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/tmkms/run-tmkms.yml ``` ### Node - Run these steps in the machine where the mainnet node is setup (machine 2) - Stop the node deployment: ```bash laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR stop ``` - Update `$DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/config.env` with required values - Start the node deployment: ```bash laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR start ``` ## Rebuild Images - Follow these steps to rebuild the images for TMKMS and node in case of any code changes ### TMKMS - Run these steps in the machine where the TMKMS service is setup (machine 4) - Stop the TMKMS deployment: ```bash laconic-so deployment --dir $DATA_DIRECTORY/tmkms-deployment stop ``` - Run ansible playbook to rebuild the TMKMS image: ```bash BUILD_ONLY=true ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/tmkms/setup-tmkms.yml ``` - Start the TMKMS deployment: ```bash ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/tmkms/run-tmkms.yml ``` ### Node - Run these steps in the machine where the mainnet node is setup (machine 2) - Stop the node deployment: ```bash laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR stop ``` - Run ansible playbook to rebuild the node image: ```bash BUILD_ONLY=true ansible-playbook -i localhost, -c local ~/cerc/laconicd-stack/playbooks/validator/setup-validator.yml ``` - Start the node deployment: ```bash laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR start ``` ## Register Your Node - Run the following steps in the machine where the mainnet node is setup (machine 2) - Get your node's address: ```bash laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd 'echo $(laconicd cometbft show-node-id)@YOUR_PUBLIC_IP_ADDRESS:26656' ``` - Add your node's address to the [node-addresses.yml](../node-addresses.yml) file - Submit a PR to add your node address to the repository