#!/bin/bash # From Documentation # https://github.com/input-output-hk/cardano-tutorials/blob/master/node-setup/060_node_keys.md # https://github.com/input-output-hk/cardano-tutorials/blob/master/node-setup/080_register_stakepool.md # Init vars source /scripts/init_node_vars source /scripts/functions/wait_for_sync # Enter staking directory mkdir -p ${NODE_PATH}/staking/pool-keys mkdir -p ${NODE_PATH}/staking/cold-keys cd ${NODE_PATH}/staking/ echo "" echo "Generate operational certificates" if [ -d "pool-keys/" ]; then source pool-keys/KESPERIOD BACKUPNAME=pool-keys.$(date +%s).tar.gz echo "pool-keys already exist." echo "Created at slot: ${KESSLOT}" echo "Backing up to ${BACKUPNAME} before creating new KES keys." mkdir -p ../backups/ tar -zcvf ../backups/${BACKUPNAME} pool-keys/ > /dev/null fi if [ -d "cold-keys/" ]; then BACKUPNAME=cold-keys.$(date +%s).tar.gz echo "Backing up to ${BACKUPNAME} before creating new KES keys." mkdir -p ../backups/ tar -zcvf ../backups/${BACKUPNAME} cold-keys/ > /dev/null fi # Create cold key if [ ! -f "cold-keys/cold.skey" ]; then echo "Creating cold keys." echo "Warning: The cold keys should NOT be kept on your server. You should backup your cold keys and delete them from the server." echo "Alternatively you can generate the keys on a seperate offline node, and move all the neccessary certificates and keys to the active staking node." cardano-cli node key-gen \ --cold-verification-key-file cold-keys/cold.vkey \ --cold-signing-key-file cold-keys/cold.skey \ --operational-certificate-issue-counter-file cold-keys/cold.counter cardano-cli stake-pool id --verification-key-file cold-keys/cold.vkey > ${NODE_PATH}/staking/POOL_ID else echo "Cold keys already exists." fi # Create Verifiable Random Function key if [ ! -f "pool-keys/vrf.vkey" ]; then echo "Generating VRF key" cardano-cli node key-gen-VRF \ --verification-key-file pool-keys/vrf.vkey \ --signing-key-file pool-keys/vrf.skey fi # Create Key Evolving Signature key if [ ! -f "pool-keys/kes.vkey" ]; then echo "Generating KES key" cardano-cli node key-gen-KES \ --verification-key-file pool-keys/kes.vkey \ --signing-key-file pool-keys/kes.skey fi # Get tip TIP=$1 if [ -z "$TIP" ]; then echo "You need to find the current tip of the blockchain. To get the current tip you can run the command \`get_slot\` in the your relay container." read -p "Enter the current tip slot: " TIP elif [ "$TIP" == "LIVE" ]; then echo "Getting slot from live socket" if [[ "${WAIT_FOR_SYNC}" == "True" ]]; then wait_for_sync 99.90 fi TIP=$(get_slot) fi # Get KESPeriod SLOTSPERKESPERIOD=$(jq -r '.slotsPerKESPeriod' ${NODE_PATH}/shelley-genesis.json) MAXKESEVOLUTIONS=$(jq -r '.maxKESEvolutions' ${NODE_PATH}/shelley-genesis.json) MAXKESSLOTS=$(expr ${SLOTSPERKESPERIOD} \* ${MAXKESEVOLUTIONS}) KESPERIOD=$(expr ${TIP} / ${SLOTSPERKESPERIOD}) #KESPERIOD=$(expr ${KESPERIOD} - 1) # Because of bug in 1.19.0 EXPIRESLOT=$(expr ${TIP} + ${MAXKESSLOTS}) echo "export SLOTSPERKESPERIOD=${SLOTSPERKESPERIOD}" > pool-keys/KESPERIOD echo "export KESSLOT=${TIP}" >> pool-keys/KESPERIOD echo "export MAXKESEVOLUTIONS=${MAXKESEVOLUTIONS}" >> pool-keys/KESPERIOD echo "export MAXKESSLOTS=${MAXKESSLOTS}" >> pool-keys/KESPERIOD echo "export KESPERIOD=${KESPERIOD}" >> pool-keys/KESPERIOD echo "export EXPIRESLOT=${EXPIRESLOT}" >> pool-keys/KESPERIOD echo "Current slot: ${TIP}" echo "slotsPerKesPeriod: ${SLOTSPERKESPERIOD}" echo "KESPeriod: ${KESPERIOD}" echo "MaxKESSlots: ${MAXKESSLOTS}" echo "KESExpireSlot: ${EXPIRESLOT}" # Create an operational node certificate cardano-cli node issue-op-cert \ --kes-verification-key-file pool-keys/kes.vkey \ --cold-signing-key-file cold-keys/cold.skey \ --operational-certificate-issue-counter cold-keys/cold.counter \ --kes-period ${KESPERIOD} \ --out-file pool-keys/node.cert echo "Successfully created node operational keys."