3. In this example, we will be compiling from the github source code using the --features=softsign flag, however you may use --features=yubihsm if you want to use a yubikey. ( if you want to compile a specific version, you should specify the value of the option --version=......, for example --version=0.12.2 )
cd $HOMEgitclonehttps://github.com/iqlusioninc/tmkms.gitcd $HOME/tmkmscargoinstalltmkms--features=softsign--version=0.12.2
4. The tmkms init command can be used to generate a directory containing the configuration files needed to run the KMS. Run the following:
tmkmsinit $HOME/tmkms_okp4
6. Now we will transfer your priv_validator_key.json from your validator to your VM running TMKMS. Then, import the private validator key into tmkms:
Please note at this point, you could delete the priv_validator_key.json from both your validator node and tmkms node and store it safely offline in case of an emergency. This newly created priv_validator_key will be what TMKMS will use to sign for your validator.
7. Now, modify the tmkms.toml file
nano $HOME/tmkms_okp4/tmkms.toml
8. This is just an example. If you use tmkms on other networks, you should substitute your values. ( chain id , account_key_prefix , state_file, path , addr , secret_key , protocol_version !!! )
check the Tendermint version that is running. ( protocol_version )
okp4dtendermintversion
9. Now, modify your validators config.toml to use the port you selected in the tmkms.toml file
nano $HOME/.okp4d/config/config.toml
priv_validator_laddr="tcp://0.0.0.0:26659"
It is also recommended to comment out the priv_validator_key_file line and the priv_validator_state_file line:
# Path to the JSON file containing the private key to use as a validator in the consensus protocol# priv_validator_key_file = "config/priv_validator_key.json"# Path to the JSON file containing the last sign state of a validator# priv_validator_state_file = "data/priv_validator_state.json"
10. Next, stop the validator. Move back to your VM running TMKMS and start it:
11. Restart the OK 4 node so that the binary re-reads the configuration changes made above.
sudosystemctlrestartokp4d
Now tmkms logs should look like this. Tmkms established connections, waited for synchronization to complete, and started signing blocks.
2022-12-31T00:38:49.853892ZINFOtmkms::connection::tcp:KMSnodeID:f7c81f67b322bb902c1f55d4a8c59706ca0c52f42022-12-31T00:38:49.854045Z ERROR tmkms::client: [okp4-nemeton-1@tcp://89.163.151.253:26659] I/O error: Connection refused (os error 111)
2022-12-31T00:38:50.854222ZINFOtmkms::connection::tcp:KMSnodeID:f7c81f67b322bb902c1f55d4a8c59706ca0c52f42022-12-31T00:38:50.855411Z INFO tmkms::session: [okp4-nemeton-1@tcp://89.163.151.253:26659] connected to validator successfully
2022-12-31T00:38:50.855455Z WARN tmkms::session: [okp4-nemeton-1@tcp://89.163.151.253:26659]: unverified validator peer ID! (4a6958e1211ee64d4a1d380a2a267867c8f1c6cb)
2022-12-31T00:39:13.266634Z INFO tmkms::session: [okp4-nemeton-1@tcp://89.163.151.253:26659] signed PreCommit:<nil> at h/r/s 242376/0/2 (0 ms)
2022-12-31T00:39:13.597237Z INFO tmkms::session: [okp4-nemeton-1@tcp://89.163.151.253:26659] signed PreCommit:<nil> at h/r/s 242377/0/2 (0 ms)
2022-12-31T00:39:14.066509Z INFO tmkms::session: [okp4-nemeton-1@tcp://89.163.151.253:26659] signed PreCommit:<nil> at h/r/s 242378/0/2 (0 ms)
2022-12-31T00:39:17.530149Z INFO tmkms::session: [okp4-nemeton-1@tcp://89.163.151.253:26659] signed PreVote:6BC6B77784 at h/r/s 242379/0/1 (0 ms)
2022-12-31T00:39:17.803117Z INFO tmkms::session: [okp4-nemeton-1@tcp://89.163.151.253:26659] signed PreCommit:6BC6B77784 at h/r/s 242379/0/2 (0 ms)
2022-12-31T00:39:23.259515Z INFO tmkms::session: [okp4-nemeton-1@tcp://89.163.151.253:26659] signed PreVote:124CE9752D at h/r/s 242380/0/1 (0 ms)
2022-12-31T00:39:23.521055Z INFO tmkms::session: [okp4-nemeton-1@tcp://89.163.151.253:26659] signed PreCommit:124CE9752D at h/r/s 242380/0/2 (0 ms)
It remains to create a service for the process tmkms
It is mandatory to use tmkms with configured notification and monitoring for your validators. It is important to remember that tmkms like any other software, it can fail !!! ( https://github.com/iqlusioninc/tmkms/issues/37 )