validator: Trusted validators are now called known validators
This commit is contained in:
parent
169ded9a70
commit
e0bc5fa690
|
@ -1,7 +1,7 @@
|
|||
// Service to verify accounts hashes with other trusted validator nodes.
|
||||
//
|
||||
// Each interval, publish the snapshat hash which is the full accounts state
|
||||
// hash on gossip. Monitor gossip for messages from validators in the --trusted-validators
|
||||
// hash on gossip. Monitor gossip for messages from validators in the `--known-validator`s
|
||||
// set and halt the node if a mismatch is detected.
|
||||
|
||||
use rayon::ThreadPool;
|
||||
|
|
|
@ -44,8 +44,8 @@ solana config set --url https://api.devnet.solana.com
|
|||
$ solana-validator \
|
||||
--identity validator-keypair.json \
|
||||
--vote-account vote-account-keypair.json \
|
||||
--trusted-validator dv1LfzJvDF7S1fBKpFgKoKXK5yoSosmkAdfbxBo1GqJ \
|
||||
--no-untrusted-rpc \
|
||||
--known-validator dv1LfzJvDF7S1fBKpFgKoKXK5yoSosmkAdfbxBo1GqJ \
|
||||
--only-known-rpc \
|
||||
--ledger ledger \
|
||||
--rpc-port 8899 \
|
||||
--dynamic-port-range 8000-8010 \
|
||||
|
@ -55,7 +55,7 @@ $ solana-validator \
|
|||
--limit-ledger-size
|
||||
```
|
||||
|
||||
The `--trusted-validator`s is operated by Solana
|
||||
The `--known-validator`s is operated by Solana
|
||||
|
||||
## Testnet
|
||||
|
||||
|
@ -88,11 +88,11 @@ solana config set --url https://api.testnet.solana.com
|
|||
$ solana-validator \
|
||||
--identity validator-keypair.json \
|
||||
--vote-account vote-account-keypair.json \
|
||||
--trusted-validator 5D1fNXzvv5NjV1ysLjirC4WY92RNsVH18vjmcszZd8on \
|
||||
--trusted-validator 7XSY3MrYnK8vq693Rju17bbPkCN3Z7KvvfvJx4kdrsSY \
|
||||
--trusted-validator Ft5fbkqNa76vnsjYNwjDZUXoTWpP7VYm3mtsaQckQADN \
|
||||
--trusted-validator 9QxCLckBiJc783jnMvXZubK4wH86Eqqvashtrwvcsgkv \
|
||||
--no-untrusted-rpc \
|
||||
--known-validator 5D1fNXzvv5NjV1ysLjirC4WY92RNsVH18vjmcszZd8on \
|
||||
--known-validator 7XSY3MrYnK8vq693Rju17bbPkCN3Z7KvvfvJx4kdrsSY \
|
||||
--known-validator Ft5fbkqNa76vnsjYNwjDZUXoTWpP7VYm3mtsaQckQADN \
|
||||
--known-validator 9QxCLckBiJc783jnMvXZubK4wH86Eqqvashtrwvcsgkv \
|
||||
--only-known-rpc \
|
||||
--ledger ledger \
|
||||
--rpc-port 8899 \
|
||||
--dynamic-port-range 8000-8010 \
|
||||
|
@ -104,7 +104,7 @@ $ solana-validator \
|
|||
--limit-ledger-size
|
||||
```
|
||||
|
||||
The identity of the `--trusted-validator`s are:
|
||||
The identity of the `--known-validator`s are:
|
||||
|
||||
- `5D1fNXzvv5NjV1ysLjirC4WY92RNsVH18vjmcszZd8on` - Solana Foundation (testnet.solana.com)
|
||||
- `7XSY3MrYnK8vq693Rju17bbPkCN3Z7KvvfvJx4kdrsSY` - Solana Foundation (Break RPC node)
|
||||
|
@ -142,11 +142,11 @@ solana config set --url https://api.mainnet-beta.solana.com
|
|||
$ solana-validator \
|
||||
--identity ~/validator-keypair.json \
|
||||
--vote-account ~/vote-account-keypair.json \
|
||||
--trusted-validator 7Np41oeYqPefeNQEHSv1UDhYrehxin3NStELsSKCT4K2 \
|
||||
--trusted-validator GdnSyH3YtwcxFvQrVVJMm1JhTS4QVX7MFsX56uJLUfiZ \
|
||||
--trusted-validator DE1bawNcRJB9rVm3buyMVfr8mBEoyyu73NBovf2oXJsJ \
|
||||
--trusted-validator CakcnaRDHka2gXyfbEd2d3xsvkJkqsLw2akB3zsN1D2S \
|
||||
--no-untrusted-rpc \
|
||||
--known-validator 7Np41oeYqPefeNQEHSv1UDhYrehxin3NStELsSKCT4K2 \
|
||||
--known-validator GdnSyH3YtwcxFvQrVVJMm1JhTS4QVX7MFsX56uJLUfiZ \
|
||||
--known-validator DE1bawNcRJB9rVm3buyMVfr8mBEoyyu73NBovf2oXJsJ \
|
||||
--known-validator CakcnaRDHka2gXyfbEd2d3xsvkJkqsLw2akB3zsN1D2S \
|
||||
--only-known-rpc \
|
||||
--ledger ledger \
|
||||
--rpc-port 8899 \
|
||||
--private-rpc \
|
||||
|
@ -161,4 +161,4 @@ $ solana-validator \
|
|||
--limit-ledger-size
|
||||
```
|
||||
|
||||
All four `--trusted-validator`s are operated by Solana
|
||||
All four `--known-validator`s are operated by Solana
|
||||
|
|
|
@ -205,11 +205,11 @@ health-check mechanism for use by load balancers or other network
|
|||
infrastructure. This request will always return a HTTP 200 OK response with a body of
|
||||
"ok", "behind" or "unknown" based on the following conditions:
|
||||
|
||||
1. If one or more `--trusted-validator` arguments are provided to `solana-validator`, "ok" is returned
|
||||
1. If one or more `--known-validator` arguments are provided to `solana-validator`, "ok" is returned
|
||||
when the node has within `HEALTH_CHECK_SLOT_DISTANCE` slots of the highest
|
||||
trusted validator, otherwise "behind". "unknown" is returned when no slot
|
||||
information from trusted validators is not yet available.
|
||||
2. "ok" is always returned if no trusted validators are provided.
|
||||
known validator, otherwise "behind". "unknown" is returned when no slot
|
||||
information from known validators is not yet available.
|
||||
2. "ok" is always returned if no known validators are provided.
|
||||
|
||||
## JSON RPC API Reference
|
||||
|
||||
|
@ -1195,10 +1195,10 @@ Result:
|
|||
|
||||
Returns the current health of the node.
|
||||
|
||||
If one or more `--trusted-validator` arguments are provided to
|
||||
If one or more `--known-validator` arguments are provided to
|
||||
`solana-validator`, "ok" is returned when the node has within
|
||||
`HEALTH_CHECK_SLOT_DISTANCE` slots of the highest trusted validator, otherwise
|
||||
an error is returned. "ok" is always returned if no trusted validators are
|
||||
`HEALTH_CHECK_SLOT_DISTANCE` slots of the highest known validator, otherwise
|
||||
an error is returned. "ok" is always returned if no known validators are
|
||||
provided.
|
||||
|
||||
#### Parameters:
|
||||
|
|
|
@ -37,8 +37,8 @@ solana-validator \
|
|||
--no-voting \
|
||||
--enable-rpc-transaction-history \
|
||||
--limit-ledger-size \
|
||||
--trusted-validator <VALIDATOR_ADDRESS> \
|
||||
--no-untrusted-rpc
|
||||
--known-validator <VALIDATOR_ADDRESS> \
|
||||
--only-known-rpc
|
||||
```
|
||||
|
||||
Customize `--ledger` to your desired ledger storage location, and `--rpc-port` to the port you want to expose.
|
||||
|
@ -56,7 +56,7 @@ default limit value used by `--limit-ledger-size`. More information about
|
|||
selecting a custom limit value is [available
|
||||
here](https://github.com/solana-labs/solana/blob/583cec922b6107e0f85c7e14cb5e642bc7dfb340/core/src/ledger_cleanup_service.rs#L15-L26).
|
||||
|
||||
Specifying one or more `--trusted-validator` parameters can protect you from booting from a malicious snapshot. [More on the value of booting with trusted validators](../running-validator/validator-start.md#trusted-validators)
|
||||
Specifying one or more `--known-validator` parameters can protect you from booting from a malicious snapshot. [More on the value of booting with known validators](../running-validator/validator-start.md#known-validators)
|
||||
|
||||
Optional parameters to consider:
|
||||
|
||||
|
|
|
@ -54,9 +54,9 @@ Post something like the following to #announcements (adjusting the text as appro
|
|||
> --hard-fork SLOT_X # <-- NEW! IMPORTANT! REMOVE AFTER THIS RESTART
|
||||
> --no-snapshot-fetch # <-- NEW! IMPORTANT! REMOVE AFTER THIS RESTART
|
||||
> --entrypoint entrypoint.testnet.solana.com:8001
|
||||
> --trusted-validator 5D1fNXzvv5NjV1ysLjirC4WY92RNsVH18vjmcszZd8on
|
||||
> --known-validator 5D1fNXzvv5NjV1ysLjirC4WY92RNsVH18vjmcszZd8on
|
||||
> --expected-genesis-hash 4uhcVJyU9pJkvQyS88uRDiswHXSCkY3zQawwpjk2NsNY
|
||||
> --no-untrusted-rpc
|
||||
> --only-known-rpc
|
||||
> --limit-ledger-size
|
||||
> ... # <-- your other --identity/--vote-account/etc arguments
|
||||
> ```
|
||||
|
@ -68,9 +68,9 @@ Post something like the following to #announcements (adjusting the text as appro
|
|||
> --wait-for-supermajority SLOT_X # <-- NEW! IMPORTANT! REMOVE AFTER THIS RESTART
|
||||
> --expected-bank-hash NEW_BANK_HASH # <-- NEW! IMPORTANT! REMOVE AFTER THIS RESTART
|
||||
> --entrypoint entrypoint.testnet.solana.com:8001
|
||||
> --trusted-validator 5D1fNXzvv5NjV1ysLjirC4WY92RNsVH18vjmcszZd8on
|
||||
> --known-validator 5D1fNXzvv5NjV1ysLjirC4WY92RNsVH18vjmcszZd8on
|
||||
> --expected-genesis-hash 4uhcVJyU9pJkvQyS88uRDiswHXSCkY3zQawwpjk2NsNY
|
||||
> --no-untrusted-rpc
|
||||
> --only-known-rpc
|
||||
> --limit-ledger-size
|
||||
> ... # <-- your other --identity/--vote-account/etc arguments
|
||||
> ```
|
||||
|
|
|
@ -258,15 +258,15 @@ solana create-vote-account ~/vote-account-keypair.json ~/validator-keypair.json
|
|||
|
||||
Read more about [creating and managing a vote account](vote-accounts.md).
|
||||
|
||||
## Trusted validators
|
||||
## Known validators
|
||||
|
||||
If you know and trust other validator nodes, you can specify this on the command line with the `--trusted-validator <PUBKEY>`
|
||||
argument to `solana-validator`. You can specify multiple ones by repeating the argument `--trusted-validator <PUBKEY1> --trusted-validator <PUBKEY2>`.
|
||||
This has two effects, one is when the validator is booting with `--no-untrusted-rpc`, it will only ask that set of
|
||||
trusted nodes for downloading genesis and snapshot data. Another is that in combination with the `--halt-on-trusted-validator-hash-mismatch` option,
|
||||
it will monitor the merkle root hash of the entire accounts state of other trusted nodes on gossip and if the hashes produce any mismatch,
|
||||
If you know and respect other validator operators, you can specify this on the command line with the `--known-validator <PUBKEY>`
|
||||
argument to `solana-validator`. You can specify multiple ones by repeating the argument `--known-validator <PUBKEY1> --known-validator <PUBKEY2>`.
|
||||
This has two effects, one is when the validator is booting with `--only-known-rpc`, it will only ask that set of
|
||||
known nodes for downloading genesis and snapshot data. Another is that in combination with the `--halt-on-known-validator-hash-mismatch` option,
|
||||
it will monitor the merkle root hash of the entire accounts state of other known nodes on gossip and if the hashes produce any mismatch,
|
||||
the validator will halt the node to prevent the validator from voting or processing potentially incorrect state values. At the moment, the slot that
|
||||
the validator publishes the hash on is tied to the snapshot interval. For the feature to be effective, all validators in the trusted
|
||||
the validator publishes the hash on is tied to the snapshot interval. For the feature to be effective, all validators in the known
|
||||
set should be set to the same snapshot interval value or multiples of the same.
|
||||
|
||||
It is highly recommended you use these options to prevent malicious snapshot state download or
|
||||
|
|
|
@ -143,10 +143,10 @@ while [[ -n $1 ]]; do
|
|||
elif [[ $1 = --log ]]; then
|
||||
args+=("$1" "$2")
|
||||
shift 2
|
||||
elif [[ $1 = --trusted-validator ]]; then
|
||||
elif [[ $1 = --known-validator ]]; then
|
||||
args+=("$1" "$2")
|
||||
shift 2
|
||||
elif [[ $1 = --halt-on-trusted-validators-accounts-hash-mismatch ]]; then
|
||||
elif [[ $1 = --halt-on-known-validators-accounts-hash-mismatch ]]; then
|
||||
args+=("$1")
|
||||
shift
|
||||
elif [[ $1 = --max-genesis-archive-unpacked-size ]]; then
|
||||
|
|
|
@ -462,7 +462,7 @@ fn get_rpc_node(
|
|||
.count();
|
||||
|
||||
info!(
|
||||
"Total {} RPC nodes found. {} trusted, {} blacklisted ",
|
||||
"Total {} RPC nodes found. {} known, {} blacklisted ",
|
||||
rpc_peers_total, rpc_peers_trusted, rpc_peers_blacklisted
|
||||
);
|
||||
|
||||
|
@ -475,7 +475,7 @@ fn get_rpc_node(
|
|||
blacklisted_rpc_nodes.clear();
|
||||
Some("Blacklist timeout expired".to_owned())
|
||||
} else {
|
||||
Some("Wait for trusted rpc peers".to_owned())
|
||||
Some("Wait for known rpc peers".to_owned())
|
||||
};
|
||||
continue;
|
||||
}
|
||||
|
@ -937,11 +937,12 @@ fn rpc_bootstrap(
|
|||
&& trusted_validators.len() == 1
|
||||
&& bootstrap_config.no_untrusted_rpc {
|
||||
warn!("The snapshot download is too slow, throughput: {} < min speed {} bytes/sec, but will NOT abort \
|
||||
and try a different node as it is the only trusted validator and the no-untrusted-rpc is set. \
|
||||
and try a different node as it is the only known validator and the --only-known-rpc flag \
|
||||
is set. \
|
||||
Abort count: {}, Progress detail: {:?}",
|
||||
download_progress.last_throughput, minimal_snapshot_download_speed,
|
||||
download_abort_count, download_progress);
|
||||
return true; // Do not abort download from the one-and-only trusted validator
|
||||
return true; // Do not abort download from the one-and-only known validator
|
||||
}
|
||||
}
|
||||
warn!("The snapshot download is too slow, throughput: {} < min speed {} bytes/sec, will abort \
|
||||
|
@ -1258,10 +1259,10 @@ pub fn main() {
|
|||
.value_name("SLOT_DISTANCE")
|
||||
.takes_value(true)
|
||||
.default_value("150")
|
||||
.help("If --trusted-validators are specified, report this validator healthy \
|
||||
.help("If --known-validators are specified, report this validator healthy \
|
||||
if its latest account hash is no further behind than this number of \
|
||||
slots from the latest trusted validator account hash. \
|
||||
If no --trusted-validators are specified, the validator will always \
|
||||
slots from the latest known validator account hash. \
|
||||
If no --known-validators are specified, the validator will always \
|
||||
report itself to be healthy")
|
||||
)
|
||||
.arg(
|
||||
|
@ -1555,7 +1556,8 @@ pub fn main() {
|
|||
)
|
||||
.arg(
|
||||
Arg::with_name("trusted_validators")
|
||||
.long("trusted-validator")
|
||||
.alias("trusted-validator")
|
||||
.long("known-validator")
|
||||
.validator(is_pubkey)
|
||||
.value_name("VALIDATOR IDENTITY")
|
||||
.multiple(true)
|
||||
|
@ -1574,9 +1576,10 @@ pub fn main() {
|
|||
)
|
||||
.arg(
|
||||
Arg::with_name("no_untrusted_rpc")
|
||||
.long("no-untrusted-rpc")
|
||||
.alias("no-untrusted-rpc")
|
||||
.long("only-known-rpc")
|
||||
.takes_value(false)
|
||||
.help("Use the RPC service of trusted validators only")
|
||||
.help("Use the RPC service of known validators only")
|
||||
)
|
||||
.arg(
|
||||
Arg::with_name("repair_validators")
|
||||
|
@ -1744,10 +1747,11 @@ pub fn main() {
|
|||
)
|
||||
.arg(
|
||||
Arg::with_name("halt_on_trusted_validators_accounts_hash_mismatch")
|
||||
.long("halt-on-trusted-validators-accounts-hash-mismatch")
|
||||
.alias("halt-on-trusted-validators-accounts-hash-mismatch")
|
||||
.long("halt-on-known-validators-accounts-hash-mismatch")
|
||||
.requires("trusted_validators")
|
||||
.takes_value(false)
|
||||
.help("Abort the validator if a bank hash mismatch is detected within trusted validator set"),
|
||||
.help("Abort the validator if a bank hash mismatch is detected within known validator set"),
|
||||
)
|
||||
.arg(
|
||||
Arg::with_name("frozen_accounts")
|
||||
|
@ -2282,7 +2286,7 @@ pub fn main() {
|
|||
&identity_keypair.pubkey(),
|
||||
&matches,
|
||||
"trusted_validators",
|
||||
"--trusted-validator",
|
||||
"--known-validator",
|
||||
);
|
||||
let repair_validators = validators_set(
|
||||
&identity_keypair.pubkey(),
|
||||
|
|
Loading…
Reference in New Issue