entrypoint: fix BLS key generate flow and add show BLS secret key option

axieinfinity · Aug 2, 2023 · 351e386 · 351e386
1 parent a7b6bf1
commit 351e386
Show file tree

Hide file tree

Showing 3 changed files with 27 additions and 12 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -29,6 +29,7 @@ ENV ENABLE_FAST_FINALITY_SIGN 'true'
 ENV BLS_PRIVATE_KEY ''
 ENV BLS_PASSWORD ''
 ENV BLS_AUTO_GENERATE 'false'
+ENV BLS_SHOW_PRIVATE_KEY 'false'
 
 COPY --from=builder /opt/build/bin/ronin /usr/local/bin/ronin
 COPY --from=builder /opt/genesis/ ./

diff --git a/core/vote/vote_signer.go b/core/vote/vote_signer.go
@@ -50,6 +50,10 @@ func NewVoteSigner(blsPasswordPath, blsWalletPath string) (*VoteSigner, error) {
 		return nil, errors.Wrap(err, "could not fetch validating public keys")
 	}
 
+	if len(pubKeys) < 1 {
+		return nil, errors.New("no BLS key in keystore")
+	}
+
 	return &VoteSigner{
 		km:     km,
 		pubKey: pubKeys[0],

diff --git a/docker/chainnode/entrypoint.sh b/docker/chainnode/entrypoint.sh
@@ -136,20 +136,20 @@ elif [[ "$mine" = "true" ]]; then
   echo "Warning: A mining node is started without private key environment provided"
 fi
 
-blsAccountsCount=$(
-  ronin account listbls \
-    --finality.blspasswordpath $BLS_PASSWORD_FILE \
-    --finality.blswalletpath $BLS_PRIVATE_KEY_DIR \
-    2> /dev/null \
-    | wc -l
-)
-
 if [[ "$ENABLE_FAST_FINALITY" = "true" ]]; then
   params="$params --finality.enable"
 fi
 
 if [[ "$ENABLE_FAST_FINALITY_SIGN" = "true" ]]; then
   mkdir -p $BLS_PRIVATE_KEY_DIR
+  blsAccountsCount=$(
+    ronin account listbls \
+      --finality.blspasswordpath $BLS_PASSWORD_FILE \
+      --finality.blswalletpath $BLS_PRIVATE_KEY_DIR \
+      2> /dev/null \
+      | wc -l
+  )
+
   if [[ ! -z $BLS_PRIVATE_KEY ]]; then
     echo "$BLS_PRIVATE_KEY" > ./bls_private_key
     if [[ $blsAccountsCount -le 0 ]]; then
@@ -189,10 +189,12 @@ if [[ "$ENABLE_FAST_FINALITY_SIGN" = "true" ]]; then
 
   blsParams="--finality.enablesign --finality.blspasswordpath $BLS_PASSWORD_FILE --finality.blswalletpath $BLS_PRIVATE_KEY_DIR"
   blsAccount=$(
-    ronin account list --datadir $datadir  --keystore $KEYSTORE_DIR \
-    2> /dev/null \
-    | head -n 1 \
-    | cut -d"{" -f 2 | cut -d"}" -f 1
+    ronin account listbls \
+      --finality.blspasswordpath $BLS_PASSWORD_FILE \
+      --finality.blswalletpath $BLS_PRIVATE_KEY_DIR \
+      2> /dev/null \
+      | head -n 1 \
+      | cut -d"{" -f 2 | cut -d"}" -f 1
   )
 
   echo "Using BLS account $blsAccount"
@@ -297,6 +299,14 @@ echo "dump: $account $BOOTNODES"
 
 set -x
 
+if [[ "$BLS_SHOW_PRIVATE_KEY" = "true" ]]; then
+  mkdir -p $BLS_PRIVATE_KEY_DIR
+  exec ronin account listbls \
+    --finality.blspasswordpath $BLS_PASSWORD_FILE \
+    --finality.blswalletpath $BLS_PRIVATE_KEY_DIR \
+    --secret
+fi
+
 exec ronin $params \
   --syncmode $syncmode \
   --verbosity $VERBOSITY \