# Use Keystore for private key encryption {% embed url="" %} To set up the keystore, follow these steps: ### 1. Generate Keystore Run the keystore generation with following command format: ``` othentic-cli [SUB-COMMAND-1] [SUB-COMMAND-2] --keystore --keystore-password ``` ### 2. Update .env file Replace PRIVATE\_KEY with the following entries: ``` //.env ... WALLET_KEYSTORE_PATH=.keystore/c54b33db-311c-4e32-9ed3-375e5c0b6f0c # Keystore path WALLET_KEYSTORE_PASSWORD=123 OPERATOR_ADDRESS=0xabc # Only include if Controller Key and Consensus Key differ ``` ### 3. Update Docker Compose file Update your docker-compose.yml with the following structure: ``` attestor: <<: *othentic-cli container_name: attestor command: - "node" - "attester" - "/ip4/34.229.78.54/tcp/9876/p2p/${OTHENTIC_BOOTSTRAP_ID}" - "--json-rpc" - "--json-rpc.custom-message-enabled" - "--avs-webapi" - "http://172.28.0.20" - "--avs-webapi-port" - "${AVS_WEBAPI_PORT}" - "--l1-chain" - "holesky" - "--l2-chain" - "amoy" - "--metrics" - "--p2p.datadir" - "data/peerstore/attester" - "--keystore" - "${WALLET_KEYSTORE_PATH}" - "--keystore-password" - "${WALLET_KEYSTORE_PASSWORD}" environment: - OTHENTIC_BOOTSTRAP_ID=${OTHENTIC_BOOTSTRAP_ID} - AVS_WEBAPI_PORT=${AVS_WEBAPI_PORT} - LOG_DIR=data/logs/attester - WALLET_KEYSTORE_PASSWORD=${WALLET_KEYSTORE_PASSWORD} - WALLET_KEYSTORE_PATH=${WALLET_KEYSTORE_PATH} volumes: - ./data/peerstore/attestor:/app/data/peerstore/attestor - ./data/logs/attestor:/app/logs/peerstore/attestor - ./keystore:/app/data/keystore # Assuming if you are using keystone directory name networks: mishti_network: ipv4_address: 172.28.0.30 depends_on: - avswebapi logging: driver: "json-file" options: max-file: "10" max-size: "20m" ``` (environment and volumes sections need to be upadated here)