cerc-io/laconicd-stack
13
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
40ac26bd78
laconicd-stack/docs/demo.md
Nabarun 40ac26bd78 Add steps to configure TMKMS in node deployments (#4) 
Part of https://www.notion.so/Create-stacks-for-mainnet-1f2a6b22d4728034be4be2c51decf94e

- TMKMS config is for `softsign` backend provider

Reviewed-on: #4
Co-authored-by: Nabarun <nabarun@deepstacksoft.com>
Co-committed-by: Nabarun <nabarun@deepstacksoft.com>
2025-05-20 13:55:15 +00:00

12 KiB
Raw Blame History

demo

Prerequisites

  • ansible
  • laconic-so
  • tmkms
    • Install with softsign feature 
      cargo install tmkms --features=softsign --version=0.14.0
  • testnet-state.json (exported testnet state)
  • distribution.json (JSON containing the lps_lockup distribution)

Steps

  • In current working directory demo, keep exported testnet-state.json and distribution.json file from prerequisites

  • Fetch stack:

    laconic-so fetch-stack git.vdb.to/cerc-io/laconicd-stack --git-ssh --pull

  • Export current working directory

    export CWD=$(pwd)

  • Set envs:

    export EXPORTED_STATE_PATH=$CWD/testnet-state.json
export LPS_DISTRIBUTION_PATH=$CWD/distribution.json

# Test address that does not exist on testnet chain
export EARLY_SUPPORTS_ACC_ADDR=laconic1gwytamfk3m5n0gsawh5vpwxkwd3vapmvzpp6nz

  • Copy the example variables file:

    cp ~/cerc/laconicd-stack/playbooks/first-validator/first-validator-vars.example.yml ~/cerc/laconicd-stack/playbooks/first-validator/first-validator-vars.yml

  • Run playbook to use exported state for generating mainnet genesis:

    ansible-playbook -v -i localhost, -c local ~/cerc/laconicd-stack/playbooks/first-validator/generate-genesis.yml -e "exported_state_path=$EXPORTED_STATE_PATH" -e "lps_distribution_path=$LPS_DISTRIBUTION_PATH" -e "early_supports_acc_address=$EARLY_SUPPORTS_ACC_ADDR"

  • Genesis file will be generated in output directory along with a file specifying the staking amount

    # List files in output directory - genesis.json and staking-amount.json
ls -l output

  • Set env for key of account with balance in testnet:

    export FIRST_ACCOUNT_KEY=<KEY_OF_ACCOUNT_WITH_BALANCE_IN_TESTNET>

  • Create and populate first-validator-vars.yml:

    cat > ~/cerc/laconicd-stack/playbooks/first-validator/first-validator-vars.yml << EOL
# Use a private key of an existing account with balance in testnet
pvt_key: $FIRST_ACCOUNT_KEY

# Path to the generated mainnet genesis file
# Use the absolute path of generated output directory in the previous steps
genesis_file: "$CWD/output/genesis.json"

# Path to staking-amount.json generated in previous steps
staking_amount_file: "$CWD/output/staking-amount.json"

# Set custom moniker for the node
cerc_moniker: "LaconicMainnet"
# Set desired key name
key_name: "laconic-validator"

cerc_chain_id: "laconic-mainnet"
min_gas_price: 0.001
cerc_loglevel: "info"
key_name: "laconic-validator"
EOL

  • Export the data directory and mainnet deployment directory as environment variables:

    # Parent directory where the deployment directory will live
export DATA_DIRECTORY=$CWD

# Set mainnet deployment directory
export MAINNET_DEPLOYMENT_DIR=mainnet-laconicd-deployment

  • Run ansible playbook to submit gentx and setup the node:

    ansible-playbook -v -i localhost, -c local ~/cerc/laconicd-stack/playbooks/first-validator/setup-first-validator.yml

  • Create tmks config directory for first validator node

    tmkms init ./tmkms-first-node

  • Update the TMKMS configuration file ./tmkms-first-node/tmkms.toml:

    cat > ./tmkms-first-node/tmkms.toml << EOL
[[chain]]
id = "laconic-mainnet"
key_format = { type = "cosmos-json", account_key_prefix = "laconicpub", consensus_key_prefix = "laconicvalconspub" }
state_file = "$CWD/tmkms-first-node/state/priv_validator_state.json"

[[validator]]
chain_id = "laconic-mainnet"
addr = "tcp://localhost:26659"
secret_key = "$CWD/tmkms-first-node/secrets/kms-identity.key"
protocol_version = "v0.34"
reconnect = true

[[providers.softsign]]
key_type = "consensus"
path = "$CWD/tmkms-first-node/secrets/priv_validator_key"
chain_ids = ["laconic-mainnet"]
EOL

  • Import the private validator key into tmkms:

    tmkms softsign import $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json $CWD/tmkms-first-node/secrets/priv_validator_key

  • Start TMKMS:

    tmkms start --config $CWD/tmkms-first-node/tmkms.toml

    • Expected example output:

       INFO tmkms::commands::start: tmkms 0.14.0 starting up...
 INFO tmkms::keyring: [keyring:softsign] added consensus Ed25519 key: {"@type":"/cosmos.crypto.ed25519.PubKey","key":"T24No1A1FmetNRVCOSg2G2XAKWh97oBXuELdAD6DFgw="}
 INFO tmkms::connection::tcp: KMS node ID: 7f5fd8dae8953e964e7e56edd4700f597ea0d45c
ERROR tmkms::client: [laconic-mainnet@tcp://localhost:26659] I/O error: Connection refused (os error 111)

      NOTE: The errors dissapear once the laconicd node starts

    • Note the pubkey logged at start for comparing later with validator pubkey on chain

  • In a new terminal export envs

    export CWD=$(pwd)
export DATA_DIRECTORY=$CWD
export MAINNET_DEPLOYMENT_DIR=mainnet-laconicd-deployment

# Test address that does not exist on testnet chain
export EARLY_SUPPORTS_ACC_ADDR=laconic1gwytamfk3m5n0gsawh5vpwxkwd3vapmvzpp6nz

  • Enable TMKMS in the laconicd node configuration:

    echo "TMKMS_ENABLED=true" >> $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/config.env

  • Remove the validator key from node deployment as it is no longer required

    rm $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json

  • Run the first validator node

    laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR start

  • Check logs to ensure that node is running:

    laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR logs laconicd -f

  • Verify that validator and TMKMS pubkeys match

    • Get validator pubkey on chain

      # Check consensus_pubkey in output
laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd 'laconicd query staking validators -o json | jq .validators'

    • Compare it with the pubkey noted from logs in TMKMS

  • Check bonds list to confirm that testnet state was transferred properly:

    laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd 'laconicd query bond list'

  • Check alps and alnt tokens total supply:

    laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd 'laconicd query bank total-supply'

  • Query the lps_lockup account and view distribution:

    laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd 'laconicd query auth module-account lps_lockup'

  • Query the lps_lockup and early supports accounts balances:

    lockup_account_address=$(laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd 'laconicd query auth module-account lps_lockup -o json | jq -r .account.value.base_account.address')

laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd "laconicd query bank balances $lockup_account_address"

laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd "laconicd query bank balances $EARLY_SUPPORTS_ACC_ADDR"

  • Copy the genesis file to config folder:

    cp $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/genesis.json ~/cerc/laconicd-stack/config/mainnet-genesis.json

  • Copy the staking amount file to config folder:

    cp $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/tmp/staking-amount.json ~/cerc/laconicd-stack/config/staking-amount.json

  • Copy the example variables file:

    cp ~/cerc/laconicd-stack/playbooks/validator/validator-vars.example.yml ~/cerc/laconicd-stack/playbooks/validator/validator-vars.yml

  • Check first validator node address using:

    laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd 'echo $(laconicd cometbft show-node-id)@host.docker.internal:26656'

  • Update cerc_peers in ~/cerc/laconicd-stack/playbooks/validator/validator-vars.yml:

    cerc_moniker: "LaconicMainnetNode-2"

cerc_peers: "<node-id>@host.docker.internal:26656"

  • Export the data directory and mainnet deployment directory as environment variables:

    # Parent directory where the deployment directory will live
export DATA_DIRECTORY=$CWD

# Set mainnet deployment directory
export MAINNET_DEPLOYMENT_DIR=mainnet-validator-deployment

  • Update port mappings in ~/cerc/laconicd-stack/playbooks/validator/templates/specs/spec-template.yml.j2 to avoid port conflicts with first validator node:

    network:
  ports:
    laconicd:
      - '3060:6060'
      - '36659:26659'
      - '36657:26657'
      - '36656:26656'
      - '3473:9473'
      - '3090:9090'
      - '3317:1317'

  • Run ansible playbook to set up your validator node deployment:

    ansible-playbook -v -i localhost, -c local ~/cerc/laconicd-stack/playbooks/validator/setup-validator.yml

  • Create tmks config directory for second validator node

    tmkms init ./tmkms-second-node

  • Update the TMKMS configuration file ./tmkms-second-node/tmkms.toml:

    cat > ./tmkms-second-node/tmkms.toml << EOL
[[chain]]
id = "laconic-mainnet"
key_format = { type = "cosmos-json", account_key_prefix = "laconicpub", consensus_key_prefix = "laconicvalconspub" }
state_file = "$CWD/tmkms-second-node/state/priv_validator_state.json"

[[validator]]
chain_id = "laconic-mainnet"
addr = "tcp://localhost:36659"
secret_key = "$CWD/tmkms-second-node/secrets/kms-identity.key"
protocol_version = "v0.34"
reconnect = true

[[providers.softsign]]
key_type = "consensus"
path = "$CWD/tmkms-second-node/secrets/priv_validator_key"
chain_ids = ["laconic-mainnet"]
EOL

  • Import the private validator key into tmkms:

    tmkms softsign import $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json $CWD/tmkms-second-node/secrets/priv_validator_key

  • Start TMKMS:

    tmkms start --config $CWD/tmkms-second-node/tmkms.toml

  • In a new terminal export envs

    export CWD=$(pwd)
export DATA_DIRECTORY=$CWD
export MAINNET_DEPLOYMENT_DIR=mainnet-validator-deployment

  • Enable TMKMS in the laconicd node configuration:

    echo "TMKMS_ENABLED=true" >> $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/config.env

  • Start the node:

    laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR start

  • Check logs to ensure that node is running:

    laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR logs laconicd -f

  • Export required env vars for creating validator:

    # private key of another existing account with balance
export PVT_KEY=<private-key-in-hex-format>

# desired key name
export KEY_NAME=validator-2

  • Run ansible playbook to create validator on running chain:

    ansible-playbook -v -i localhost, -c local ~/cerc/laconicd-stack/playbooks/validator/create-validator.yml

  • Check the validator list:

    laconic-so deployment --dir $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR exec laconicd 'laconicd query staking validators'

  • Remove the validator key from node deployment as it is no longer required

    rm $DATA_DIRECTORY/$MAINNET_DEPLOYMENT_DIR/data/laconicd-data/config/priv_validator_key.json

Cleanup

  • Remove deployments and other config files

    rm -rf *-spec.yml *-deployment tmkms-* output