Use Keystore for private key encryption
To ensure privacy over operator's private key, an alternative to write it down in the .env file would be to use Keystores as presented by Othentic in the following documentation:
To set up the keystore, follow these steps:
1. Generate Keystore
Run the keystore generation with following command format:
othentic-cli [SUB-COMMAND-1] [SUB-COMMAND-2]
--keystore <KEYSTORE_PATH>
--keystore-password <DECRYPT_PASSWORD>2. Update .env file
Replace PRIVATE_KEY with the following entries:
//.env
...
WALLET_KEYSTORE_PATH=.keystore/c54b33db-311c-4e32-9ed3-375e5c0b6f0c # Keystore path
WALLET_KEYSTORE_PASSWORD=123
OPERATOR_ADDRESS=0xabc # Only include if Controller Key and Consensus Key differ3. Update Docker Compose file
Update your docker-compose.yml with the following structure:
attestor:
<<: *othentic-cli
container_name: attestor
command:
- "node"
- "attester"
- "/ip4/34.229.78.54/tcp/9876/p2p/${OTHENTIC_BOOTSTRAP_ID}"
- "--json-rpc"
- "--json-rpc.custom-message-enabled"
- "--avs-webapi"
- "http://172.28.0.20"
- "--avs-webapi-port"
- "${AVS_WEBAPI_PORT}"
- "--l1-chain"
- "holesky"
- "--l2-chain"
- "amoy"
- "--metrics"
- "--p2p.datadir"
- "data/peerstore/attester"
- "--keystore"
- "${WALLET_KEYSTORE_PATH}"
- "--keystore-password"
- "${WALLET_KEYSTORE_PASSWORD}"
environment:
- OTHENTIC_BOOTSTRAP_ID=${OTHENTIC_BOOTSTRAP_ID}
- AVS_WEBAPI_PORT=${AVS_WEBAPI_PORT}
- LOG_DIR=data/logs/attester
- WALLET_KEYSTORE_PASSWORD=${WALLET_KEYSTORE_PASSWORD}
- WALLET_KEYSTORE_PATH=${WALLET_KEYSTORE_PATH}
volumes:
- ./data/peerstore/attestor:/app/data/peerstore/attestor
- ./data/logs/attestor:/app/logs/peerstore/attestor
- ./keystore:/app/data/keystore # Assuming if you are using keystone directory name
networks:
mishti_network:
ipv4_address: 172.28.0.30
depends_on:
- avswebapi
logging:
driver: "json-file"
options:
max-file: "10"
max-size: "20m"(environment and volumes sections need to be upadated here)
Last updated