pezkuwichain/pezkuwi-subxt
1
0
Fork 0
mirror of https://github.com/pezkuwichain/pezkuwi-subxt.git synced 2026-06-13 05:51:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

Introduce flag to enable sentry nodes to participate in grandpa gossip (#3018)

Browse Source 
Given the following situation: A validator 'A' is not supposed to be
connected to the public internet to protect it from e.g. a DoS attack.
Instead it connects to a sentry node 'sentry-A' which connects to the
public internet. Validator 'B' can reach validator 'A' via sentry node
'sentry-A' and vice versa.

A sentry node needs to participate in the grandpa gossip without
becoming a validator itself in order to forward these message to its
validator. This commit adds a new command line flag (`--grandpa-voter`)
forcing a node to participate in the grandpa voting process even though
no `--key` was specified. Due to the fact that it does not have a key,
it does not become a validator in the network.

In order to simulate the above situation this commit also adds a Docker
Compose file (`scripts/sentry-node/docker-compose.yml`) with further
documentation.
This commit is contained in:
Max Inden
2019-07-09 18:35:37 +02:00
committed by Gavin Wood
parent 2c5a3b84db
commit 6639ab339a
6 changed files with 153 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
substrate/core/service/src/config.rs
+4 -1
View File
@@ -87,6 +87,9 @@ pub struct Configuration<C, G: Serialize + DeserializeOwned + BuildStorage> {
pub force_authoring: bool,
/// Disable GRANDPA when running in validator mode
pub disable_grandpa: bool,
/// Run GRANDPA voter even when no additional key seed is specified. This can for example be of interest when
/// running a sentry node in front of a validator, thus needing to forward GRANDPA gossip messages.
pub grandpa_voter: bool,
/// Node keystore's password
pub password: Protected<String>,
}
@@ -122,6 +125,7 @@ impl<C: Default, G: Serialize + DeserializeOwned + BuildStorage> Configuration<C
offchain_worker: Default::default(),
force_authoring: false,
disable_grandpa: false,
grandpa_voter: false,
password: "".to_string().into(),
};
configuration.network.boot_nodes = configuration.chain_spec.boot_nodes().to_vec();
@@ -154,4 +158,3 @@ pub fn full_version_from_strs(impl_version: &str, impl_commit: &str) -> String {
let commit_dash = if impl_commit.is_empty() { "" } else { "-" };
format!("{}{}{}-{}", impl_version, commit_dash, impl_commit, platform())
}