ARCHIVE/xrpl-dev-portal
1
0
Fork 0
mirror of https://github.com/XRPLF/xrpl-dev-portal.git synced 2025-11-20 19:55:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

token_sequence must be incremented in backups

Browse Source 
Docs indicate that validators should backup `validator-keys.json`, and not edit the backup. This causes problems when validator operators generate new validation tokens using backups of the `validator-keys.json` file. Specifically:
1. Validator operator copies backup of `validator-keys.json` to from backup location to validator
2. Operator generates a new token on validator
3. Operator deletes `validator-keys.json` from the validator

If the validator operator does not then increment the "token_sequence" in the backed up `validator-keys.json`, the next time the operator repeats the above three steps, their validations will be ignored by the network, as the resultant token will have a sequence number that is <= the last observed number.
This commit is contained in:
rabbit
2020-07-30 16:35:28 -04:00
committed by GitHub
parent e6b16cd5a3
commit cc45a55f43
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
content/tutorials/manage-the-rippled-server/configuration/run-rippled-as-a-validator.md
View File

@@ -72,7 +72,7 @@ In a location **not** on your validator:
This file should be stored securely and not shared.
**Warning:** Store the generated `validator-keys.json` key file in a secure, offline, and recoverable location, such as an encrypted USB flash drive. Do not modify its contents. In particular, be sure to not store the key file on the validator where you intend to use the keys. If your validator's `secret_key` is compromised, [revoke the key](https://github.com/ripple/validator-keys-tool/blob/master/doc/validator-keys-tool-guide.md#key-revocation) immediately.
**Warning:** Store the generated `validator-keys.json` key file in a secure, offline, and recoverable location, such as an encrypted USB flash drive. Do not store keys on the validator where you intend to use the keys. If your `secret_key` is compromised, [revoke the key](https://github.com/ripple/validator-keys-tool/blob/master/doc/validator-keys-tool-guide.md#key-revocation) immediately. Do not modify the contents of `validator-keys.json`, except to increment the `token _sequence` after generating a new validation token using a copy of the file. For example, if you copy your secure, backed up `validation-keys.json` to your validator to generate a new token, generating the token will increase the `token_sequence` field. If you do not update the `token_sequence` field in your secure backup, then the next token you generate will have the same or lower sequence number as the token you are currently using. The network will ignore validations that have a sequence number that is less than the previously highest observed number. Alternately, simply copy `validator-keys.json` to your backup location every time you generate a new validation token, so your backup version has the correct `token_sequence`.
For more information about the `validator-keys` tool and the key pairs it generates, see the [Validator Keys Tool Guide](https://github.com/ripple/validator-keys-tool/blob/master/doc/validator-keys-tool-guide.md).