[Polkadot Wiki Migration] Secure Your Node #47

CrackTheCode016 · 2024-09-19T22:00:04Z

This page was migrated from https://wiki.polkadot.network/docs/maintain-guides-secure-validator

github-actions

Remaining comments which cannot be posted as a review comment to avoid GitHub Rate Limit

vale

infrastructure/validators/onboarding/run-validator/secure-node.md

CrackTheCode016 · 2024-09-20T13:06:23Z

Will someone who knows this stuff to review properly

infrastructure/validators/onboarding/run-validator/secure-node.md

nhussein11 · 2024-10-01T12:36:08Z

infrastructure/validators/onboarding/run-validator/secure-node.md

+Session keys are generated inside the node via RPC call. See the [How to Validate guide]() for instructions on setting Session keys. These should be generated and kept within your client. When you generate new Session keys, you must submit an extrinsic (a Session certificate) from your staking proxy key telling the chain your new Session keys.
+
+!!!info "Generating session keys"
+    Session keys can also be generated outside the client and inserted into the client's keystore via RPC. For most users, it is recommended to use the key generation functionality within the client.


I'd add a reference to that RPC as well.

Also, I'd explain what you mean here with key generation functionality or add a reference somewhere that explains that

I am actually a little confused on what that means too, I assume it is parachain-binary key insert? cc: @DrW3RK

Nvm I misread, I think it refers to the fact that you can generate a key like: parachain-binary OR polkadot-parachain key generation

Either way, this is something that can be put in the main validator guide and linked here later. Will add a todo

infrastructure/validators/onboarding/run-validator/secure-node.md

infrastructure/validators/onboarding/run-validator/.pages

infrastructure/validators/onboarding/run-validator/index.md

infrastructure/validators/onboarding/run-validator/secure-node.md

Co-authored-by: Nicolás Hussein <80422357+nhussein11@users.noreply.github.com>

lovelaced · 2024-10-02T16:03:53Z

infrastructure/validators/onboarding/run-validator/secure-node.md

+
+High availability set-ups that involve redundant validator nodes may seem attractive at first. However, they can be *very dangerous* if they aren't set up perfectly. The reason for this is that the session keys used by a validator should always be isolated to just a single node. Replicating session keys across multiple nodes could lead to equivocation [slashes](TODO:update-path){target=\_blank} or parachain validity slashes which can make you lose **100% of your staked funds**.
+
+The good news is that 100% uptime of your validator isn't really needed, as it has some buffer within eras to go offline for a little while and upgrade. For this reason, it is advised that you only attempt a high availability set-up if *you're confident you know exactly what you're doing.*


i would say just do not do this, people should never do this

Might be pertinent to note explicitly if you have two validators online with the same keys you will get slashed

I think it would be better just to remove the whole section then? And make a note regarding the same keys being slashed

add content

60259bd

CrackTheCode016 added In Progress Infrastructure labels Sep 19, 2024

github-actions bot reviewed Sep 19, 2024

View reviewed changes

vale and removing bad links (todos)

b2762b4

github-actions bot reviewed Sep 20, 2024

View reviewed changes

CrackTheCode016 added Ready for Review and removed In Progress labels Sep 20, 2024

a few fixes, Vale screen, mainly taking out random line breaks/spacing

8c8964d

github-actions bot reviewed Sep 23, 2024

View reviewed changes