[Polkadot Wiki Migration] Secure Your Node #47
Conversation
CrackTheCode016
commented
Sep 19, 2024
•
CrackTheCode016
commented
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
There was a problem hiding this comment.
Remaining comments which cannot be posted as a review comment to avoid GitHub Rate Limit
vale
infrastructure/validators/onboarding/run-validator/secure-node.md|112 col 69| [Vale.Avoid] Avoid using 'we'.
infrastructure/validators/onboarding/run-validator/secure-node.md|117 col 28| [Google.We] Try to avoid using first-person plural like 'we'.
infrastructure/validators/onboarding/run-validator/secure-node.md|117 col 28| [Vale.Avoid] Avoid using 'we'.
infrastructure/validators/onboarding/run-validator/secure-node.md|121 col 60| [Papermoon.NotContractions] Use 'shouldn't' instead of 'should not'.
infrastructure/validators/onboarding/run-validator/secure-node.md|124 col 63| [Papermoon.CustomDictionary] Did you really mean 'VMs'?
infrastructure/validators/onboarding/run-validator/secure-node.md|124 col 63| [Vale.Spelling] Did you really mean 'VMs'?
infrastructure/validators/onboarding/run-validator/secure-node.md|125 col 85| [Papermoon.CustomDictionary] Did you really mean 'VMs'?
infrastructure/validators/onboarding/run-validator/secure-node.md|125 col 85| [Vale.Spelling] Did you really mean 'VMs'?
infrastructure/validators/onboarding/run-validator/secure-node.md|145 col 4| [Papermoon.CustomDictionary] Did you really mean 'Certus'?
infrastructure/validators/onboarding/run-validator/secure-node.md|145 col 4| [Vale.Spelling] Did you really mean 'Certus'?
infrastructure/validators/onboarding/run-validator/secure-node.md|146 col 4| [Papermoon.Acronyms] Spell out 'EOS', if it's unfamiliar to the audience.
infrastructure/validators/onboarding/run-validator/secure-node.md|147 col 4| [Papermoon.Acronyms] Spell out 'HSM', if it's unfamiliar to the audience.
infrastructure/validators/onboarding/run-validator/secure-node.md
Outdated
Show resolved
Hide resolved
infrastructure/validators/onboarding/run-validator/secure-node.md
Outdated
Show resolved
Hide resolved
infrastructure/validators/onboarding/run-validator/secure-node.md
Outdated
Show resolved
Hide resolved
infrastructure/validators/onboarding/run-validator/secure-node.md
Outdated
Show resolved
Hide resolved
infrastructure/validators/onboarding/run-validator/secure-node.md
Outdated
Show resolved
Hide resolved
infrastructure/validators/onboarding/run-validator/secure-node.md
Outdated
Show resolved
Hide resolved
infrastructure/validators/onboarding/run-validator/secure-node.md
Outdated
Show resolved
Hide resolved
infrastructure/validators/onboarding/run-validator/secure-node.md
Outdated
Show resolved
Hide resolved
infrastructure/validators/onboarding/run-validator/secure-node.md
Outdated
Show resolved
Hide resolved
infrastructure/validators/onboarding/run-validator/secure-node.md
Outdated
Show resolved
Hide resolved
infrastructure/validators/onboarding/run-validator/secure-node.md
Outdated
Show resolved
Hide resolved
infrastructure/validators/onboarding/run-validator/secure-node.md
Outdated
Show resolved
Hide resolved
CrackTheCode016
added
B0 - Needs Review
|
Will someone who knows this stuff to review properly |
infrastructure/validators/onboarding/run-validator/secure-node.md
Outdated
Show resolved
Hide resolved
infrastructure/validators/onboarding/run-validator/secure-node.md
Outdated
Show resolved
Hide resolved
infrastructure/validators/onboarding/run-validator/secure-node.md
Outdated
Show resolved
Hide resolved
infrastructure/validators/onboarding/run-validator/secure-node.md
Outdated
Show resolved
Hide resolved
| Session keys are generated inside the node via RPC call. See the [How to Validate guide]() for instructions on setting Session keys. These should be generated and kept within your client. When you generate new Session keys, you must submit an extrinsic (a Session certificate) from your staking proxy key telling the chain your new Session keys. | ||
|
|
||
| !!!info "Generating session keys" | ||
| Session keys can also be generated outside the client and inserted into the client's keystore via RPC. For most users, it is recommended to use the key generation functionality within the client. |
There was a problem hiding this comment.
I'd add a reference to that RPC as well.
Also, I'd explain what you mean here with key generation functionality or add a reference somewhere that explains that
There was a problem hiding this comment.
I am actually a little confused on what that means too, I assume it is parachain-binary key insert? cc: @DrW3RK
There was a problem hiding this comment.
Nvm I misread, I think it refers to the fact that you can generate a key like: parachain-binary OR polkadot-parachain key generation
Either way, this is something that can be put in the main validator guide and linked here later. Will add a todo
infrastructure/validators/onboarding/run-validator/secure-node.md
Outdated
Show resolved
Hide resolved
infrastructure/validators/onboarding/run-validator/secure-node.md
Outdated
Show resolved
Hide resolved
infrastructure/validators/onboarding/run-validator/secure-node.md
Outdated
Show resolved
Hide resolved
infrastructure/validators/onboarding/run-validator/secure-node.md
Outdated
Show resolved
Hide resolved
Co-authored-by: Nicolás Hussein <[email protected]>
|
|
||
| High availability set-ups that involve redundant validator nodes may seem attractive at first. However, they can be *very dangerous* if they aren't set up perfectly. The reason for this is that the session keys used by a validator should always be isolated to just a single node. Replicating session keys across multiple nodes could lead to equivocation [slashes](TODO:update-path){target=\_blank} or parachain validity slashes which can make you lose **100% of your staked funds**. | ||
|
|
||
| The good news is that 100% uptime of your validator isn't really needed, as it has some buffer within eras to go offline for a little while and upgrade. For this reason, it is advised that you only attempt a high availability set-up if *you're confident you know exactly what you're doing.* |
There was a problem hiding this comment.
i would say just do not do this, people should never do this
There was a problem hiding this comment.
Might be pertinent to note explicitly if you have two validators online with the same keys you will get slashed
There was a problem hiding this comment.
I think it would be better just to remove the whole section then? And make a note regarding the same keys being slashed
There was a problem hiding this comment.
@polkadot-developers/docs-content-team, can we please make a final decision on what needs to be removed, etc., and then I will review it for format?
There was a problem hiding this comment.
I think it would be better just to remove the whole section then? And make a note regarding the same keys being slashed
Agree on that on my end
There was a problem hiding this comment.
Added a note regarding this
|
Closing as this content is handled in PR #151 |
