Comment on page
Enabling DKG
The SSV-DKG tool is yet to be audited. Please refrain from using it on mainnet.
The
ssv-dkg
tool enable operators to participate in ceremonies to generate distributed validator keys for Ethereum stakers.The
ssv-dkg
tool is separate from the ssv-node
, and could be running on a different machine, but the two are heavily correlated, as the keyshare generated by the ssv-dkg
tool, will ultimately be used by the Node itself to manage the related validator.If you wish to take part in DKG ceremonies initiated by stakers and increase your opportunity to run their validators, it is crucial to have your ssv-dkg client online at all times.
Also, in order to access logs it is necessary to utilize permanent storage when running this software.
In order to successfully participate in DKG ceremonies initiated by stakers, you will need to possess and/or provide this information:
- Operator ID - the ID of your operator within the SSV network.
- Operator Key Pair
- Public Key - the public key of the operator
- Private Key - the private key of the operator as an password-encrypted file (follow this guide to generate an encrypted private key file or this migration guide to encrypt existing keys)
- Machine Endpoint - the endpoint (
protocol:ip:port
) of the machine intended to run thessv-dkg
client (if you have a domain name, instead of anip
that works as well)
You must use the keys of your SSV operator as the
ssv-dkg
key pairs. Failure to do so will result in the inability to decrypt the keyshare and fulfill validator duties.It is advised launching the tool as a Docker image as it is the most convenient way and only requires to have Docker installed. The team builds a Docker image with every release of the tool.
Launch with Docker and YAML file
Build from Source
All of the necessary configuration information can be provided in a YAML file (referenced as
operator.yaml
from now on).A good way to manage all the necessary files (
encrypted_private_key.json
, password
) is to store them in a single folder (in this case operator-config
), together with the operator.yaml
configuration file, like so:ssv@localhost:~/ssv-dkg# tree operator-config
operator-config
├── encrypted_private_key.json
├── operator.yaml
└── password
1 directory, 3 files
With this configuration, a typical configuration file would look like this:
operator.yaml
privKey: /data/encrypted_private_key.json
privKeyPassword: /data/password
port: 3030
storeShare: true
logLevel: info
logFormat: json
logLevelFormat: capitalColor
logFilePath: /data/debug.log
In the config file above,
/data/
represents the container's shared volume created by the docker
command itself with the -v
option.Under the assumption that all the necessary files (
encrypted_private_key.json
, operator.yaml
, password
) are under the same folder (represented below with <PATH_TO_FOLDER_WITH_CONFIG_FILES>
) you can run the tool using the command below:docker run --restart unless-stopped --name ssv_dkg -p 3030:3030 \
-v "<PATH_TO_FOLDER_WITH_CONFIG_FILES>":/data -it \
"bloxstaking/ssv-dkg:latest" /app start-operator \
--configPath /data/operator.yaml
Just make sure to substitute
<PATH_TO_FOLDER_WITH_CONFIG_FILES>
with the actual folder containing all the files.You can, of course, change the configuration above to one that suits you better, just be mindful about changing the path references in the docker command and in the
operator.yaml
file as well.This command will keep the terminal busy, showing the container's logs. It is useful to make sure that the tool start up sequence runs correctly.
You can detach the terminal at any time by hitting
Ctrl-c
key combination, or closing the terminal itself. The tool will be stopped, but it will restart automatically, thanks to the --restart unless-stopped
startup parameter.If you are sure that the tool works, and don't care about the logs, you can add the
-d
parameter right after docker run
.A prerequisite for this is to have
go
version 1.20 installed on the system, and an optional requirement is to have the make
tool installed as well (alternatively you could run the corresponding command defined in the Makefile
).Clone the
ssv-dkg
repository in your local machine:git clone [email protected]:bloxapp/ssv-dkg.git
From the project's root folder, run the following command:
make install
It is advised to store all the necessary files (
encrypted_private_key.json
, password
) in a single folder (in this case operator-config
), as shown below:ssv@localhost:~/ssv-dkg# tree operator-config
operator-config
├── encrypted_private_key.json
└── password
1 directory, 2 files
To run the DKG tool as an operator, you can launch the following command with the appropriate values to each parameter:
ssv-dkg start-operator \
--privKey ./operator-config/encrypted_private_key.json \
--port 3030 \
--privKeyPassword ./operator-config/password \
--storeShare true \
--logLevel info \
--logFormat json \
--logLevelFormat capitalColor \
--logFilePath ./operator-config/debug.log
Here's an explanation of each parameter:
Argument | Type | Description |
---|---|---|
--privKey | string | Path to private key of ssv operator |
--port | int | Port for listening messages (default: 3030 ) |
--privKeyPassword | string | Path to password file to decrypt the key |
--storeShare | bool | Whether to store the created bls key share to a file for later reuse if needed (default: false ) |
--logLevel | debug | info | warning | error | critical | Logger's log level (default: debug ) |
--logFormat | json | console | Logger's encoding (default: json ) |
--logLevelFormat | capitalColor | capital | lowercase | Logger's level format (default: capitalColor ) |
--logFilePath | string | Path to file where logs should be written (default: ./data/debug.log ) |
It is also possible to use YAML configuration file, just as it was shown in the Docker section above.
Just pay attention to the path of the necessary files, which needs to be changed to reflect the local configuration. If the
operator.yaml
file is created in the same folder as the other files, and the folder structure looks like this:ssv@localhost:~/ssv-dkg# tree operator-config
operator-config
├── encrypted_private_key.json
├── operator.yaml
└── password
1 directory, 3 files
Then the content of the YAML file should be changed to this:
operator.yaml
privKey: ./operator-config/encrypted_private_key.json
privKeyPassword: ./operator-config/password
port: 3030
storeShare: true
logLevel: info
logFormat: json
logLevelFormat: capitalColor
logFilePath: ./operator-config/debug.log
Then the tool can be launched from the root folder, by running this command:
ssv-dkg start-operator --configPath "./operator-config/operator.yaml"
If the
--configPath
parameter is not provided, ssv-dkg
will be looking for a file named config.yaml
in ./config/
folder at the same root as the binary (i.e. ./config/config.yaml
)To participate in DKG ceremonies without coordination and to enable others to initiate ceremonies with you via your provided endpoint, it's crucial to update your operator metadata with the correct information.
Once the DKG tool is up and running, please make sure to update your operator metadata, and provide your DKG Operator endpoint, in the form of
protocol:ip:port
(if you have a domain name, instead of an ip
that works as well).Last modified 1d ago