gnosis/lighthouse
1
0
Fork 0
mirror of https://github.com/sigp/lighthouse.git synced 2026-04-20 22:38:34 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
b333841229c45349bf5226f7c12af77a577b50b6
lighthouse/book/src/advanced_web3signer.md
chonghe 50dbfdf612 Some updates to Lighthouse book (#7455) 
- Small revision in Siren documentation in: `book/src/ui_installation.md`
- Add a section about slashing protection in web3signer, as per: https://github.com/sigp/lighthouse/issues/5310 in: `book/src/advanced_web3signer.md`
- Add a presign option in `lighthouse account validator exit` in `book/src/validator_voluntary_exit.md`

- Replace 'Holesky' with 'Hoodi' in all related parts in Lighthouse book
- Add https://ethpandaops.io/posts/kurtosis-deep-dive/ to local testnet documentation
2025-05-19 10:19:04 +00:00

67 lines
3.4 KiB
Markdown
Raw Blame History

# Remote Signing with Web3Signer
[Web3Signer]: https://docs.web3signer.consensys.net/en/latest/
[Consensys]: https://github.com/ConsenSys/
[Teku]: https://github.com/consensys/teku
[Web3Signer] is a tool by Consensys which allows *remote signing*. Remote signing is when a
Validator Client (VC) out-sources the signing of messages to a remote server (e.g., via HTTPS). This
means that the VC does not hold the validator private keys.
## Warnings
Using a remote signer comes with risks, please read the following two warnings before proceeding:
### Remote signing is complex and risky
Remote signing is generally only desirable for enterprise users or users with unique security
requirements. Most users will find the separation between the Beacon Node (BN) and VC to be
sufficient *without* introducing a remote signer.
**Using a remote signer introduces a new set of security and slashing risks and should only be
undertaken by advanced users who fully understand the risks.**
### Web3Signer is not maintained by Lighthouse
The [Web3Signer] tool is maintained by [Consensys], the same team that maintains [Teku]. The
Lighthouse team (Sigma Prime) does not maintain Web3Signer or make any guarantees about its safety
or effectiveness.
## Usage
A remote signing validator is added to Lighthouse in much the same way as one that uses a local
keystore, via the [`validator_definitions.yml`](./validator_management.md) file or via the [`POST /lighthouse/validators/web3signer`](./api_vc_endpoints.md#post-lighthousevalidatorsweb3signer) API endpoint.
Here is an example of a `validator_definitions.yml` file containing one validator which uses a
remote signer:
```yaml
---
- enabled: true
voting_public_key: "0xa5566f9ec3c6e1fdf362634ebec9ef7aceb0e460e5079714808388e5d48f4ae1e12897fed1bea951c17fa389d511e477"
type: web3signer
url: "https://my-remote-signer.com:1234"
root_certificate_path: /home/paul/my-certificates/my-remote-signer.pem
client_identity_path: /home/paul/my-keys/my-identity-certificate.p12
client_identity_password: "password"
```
When using this file, the Lighthouse VC will perform duties for the `0xa5566..` validator and refer
to the `https://my-remote-signer.com:1234` server to obtain any signatures. It will load a
"self-signed" SSL certificate from `/home/paul/my-certificates/my-remote-signer.pem` (on the
filesystem of the VC) to encrypt the communications between the VC and Web3Signer. It will use
SSL client authentication with the "self-signed" certificate in `/home/paul/my-keys/my-identity-certificate.p12`.
> The `request_timeout_ms` key can also be specified. Use this key to override the default timeout
> with a new timeout in milliseconds. This is the timeout before requests to Web3Signer are
> considered to be failures. Setting a value that is too long may create contention and late duties
> in the VC. Setting it too short will result in failed signatures and therefore missed duties.
## Slashing protection database
Web3signer can be configured with its own slashing protection database. This makes the local slashing protection database by Lighthouse redundant. To disable Lighthouse slashing protection database for web3signer keys, use the flag `--disable-slashing-protection-web3signer` on the validator client.
> Note: DO NOT use this flag unless you are certain that slashing protection is enabled on web3signer.
The `--init-slashing-protection` flag is also required to initialize the slashing protection database locally.
Reference in New Issue View Git Blame Copy Permalink