docs: point out that node keys should be persisted

Hi Joe

Change-Id: Id6434199ed3f96cd06cb4ef6d57216d79cef3dc6
Leo 2021-09-27 14:08:54 +02:00 committed by Leopold Schabel
parent a307ddd55a
commit d34e16be66
1 changed files with 3 additions and 1 deletions

@ -240,8 +240,10 @@ You'll have to manage the following keys:
node key. It is used by the peer-to-peer network for routing and transport layer encryption.
An attacker could potentially use it to censor your messages on the network. Other than that, it's not very
critical and can be rotated. The node will automatically create a node key at the path you specify if it doesn't exist.
While the node key can be replaced, we recommend using a persistent node key. This will make it easier to identify your
node in monitoring data and improves p2p connectivity.
For production, we strongly recommend to either encrypt your disks, and/or take care to never have keys touch the disk.
For production, we strongly recommend to either encrypt your disks, and/or take care to never have hot guardian keys touch the disk.
One way to accomplish is to store keys on an in-memory ramfs, which can't be swapped out, and restore it from cold
storage or an HSM/vault whenever the node is rebooted. You might want to disable swap altogether. None of that is
specific to Wormhole - this applies to any hot keys.
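
Review bot: The reworded production sentence ("never have hot guardian keys touch the disk") now leaves the node key out of the disk-handling advice, while the two lines added just above it recommend keeping the node key persistent, so the section no longer says how a persisted node key should be protected at rest. The same paragraph states that an attacker could potentially use the node key to censor your messages, so consider adding one sentence that either gives the expected handling for the node key file (for example, keeping it on the encrypted disk with restrictive file permissions) or states explicitly that storing it on disk unprotected is acceptable. "Improves p2p connectivity" is also asserted without a reason; a short clause explaining why a stable node key helps would make the recommendation easier to act on. Minor wording: "either encrypt your disks, and/or" mixes "either" with "and/or", and "One way to accomplish is" in the trailing context is missing "this", which could be fixed while this paragraph is being touched.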