diff --git a/testing-framework/configs/src/topology/configs/network.rs b/testing-framework/configs/src/topology/configs/network.rs
index 3f9512b..8d56a66 100644
--- a/testing-framework/configs/src/topology/configs/network.rs
+++ b/testing-framework/configs/src/topology/configs/network.rs
@@ -1,14 +1,14 @@
 use std::time::Duration;
 
 use nomos_libp2p::{
-    IdentifySettings, KademliaSettings, Multiaddr, NatSettings, ed25519, gossipsub,
+    IdentifySettings, KademliaSettings, Multiaddr, NatSettings, Protocol, ed25519, gossipsub,
 };
 use nomos_node::config::network::serde::{BackendSettings, Config, SwarmConfig};
 use nomos_utils::net::get_available_udp_port;
 use testing_framework_env as tf_env;
 use thiserror::Error;
 
-use crate::node_address_from_port;
+use crate::{node_address_from_port, secret_key_to_peer_id};
 
 const PEER_RESPONSE_TIMEOUT: Duration = Duration::from_secs(60);
 
@@ -122,7 +122,7 @@ fn initial_peers_by_network_layout(
         Libp2pNetworkLayout::Star => {
             // First node is the hub - has no initial peers
             all_initial_peers.push(vec![]);
-            let first_addr = node_address_from_port(first_swarm.port);
+            let first_addr = node_address_with_peer(first_swarm);
 
             // All other nodes connect to the first node
             for _ in 1..swarm_configs.len() {
@@ -135,7 +135,7 @@ fn initial_peers_by_network_layout(
 
             // Each subsequent node connects to the previous one
             for i in 1..swarm_configs.len() {
-                let prev_addr = node_address_from_port(swarm_configs[i - 1].port);
+                let prev_addr = node_address_with_peer(&swarm_configs[i - 1]);
                 all_initial_peers.push(vec![prev_addr]);
             }
         }
@@ -144,7 +144,7 @@ fn initial_peers_by_network_layout(
             for i in 0..swarm_configs.len() {
                 let mut peers = vec![];
                 for swarm_config in swarm_configs.iter().take(i) {
-                    peers.push(node_address_from_port(swarm_config.port));
+                    peers.push(node_address_with_peer(swarm_config));
                 }
                 all_initial_peers.push(peers);
             }
@@ -153,3 +153,10 @@ fn initial_peers_by_network_layout(
 
     all_initial_peers
 }
+
+fn node_address_with_peer(swarm_config: &SwarmConfig) -> Multiaddr {
+    let mut addr = node_address_from_port(swarm_config.port);
+    let peer_id = secret_key_to_peer_id(swarm_config.node_key.clone());
+    addr.push(Protocol::P2p(peer_id.into()));
+    addr
+}
diff --git a/testing-framework/core/src/nodes/common/config/injection.rs b/testing-framework/core/src/nodes/common/config/injection.rs
index ccfb252..817751b 100644
--- a/testing-framework/core/src/nodes/common/config/injection.rs
+++ b/testing-framework/core/src/nodes/common/config/injection.rs
@@ -1,4 +1,7 @@
+use hex;
+use key_management_system_service::keys::{Ed25519Key, Key};
 use serde_yaml::{Mapping, Number as YamlNumber, Value};
+use testing_framework_config::nodes::kms::key_id_for_preload_backend;
 
 pub fn normalize_ed25519_sigs(_value: &mut Value) {}
 
@@ -12,6 +15,35 @@ pub fn inject_ibd_into_cryptarchia(yaml_value: &mut Value) {
     ensure_ibd_bootstrap(cryptarchia);
 }
 
+/// Inject blend non-ephemeral signing key id when missing.
+pub fn inject_blend_non_ephemeral_signing_key_id(yaml_value: &mut Value) {
+    let Some(blend) = blend_section(yaml_value) else {
+        return;
+    };
+
+    let key_id_key = Value::String("non_ephemeral_signing_key_id".into());
+    if blend.contains_key(&key_id_key) {
+        return;
+    }
+
+    let Some(key_str) = blend
+        .get(&Value::String("non_ephemeral_signing_key".into()))
+        .and_then(Value::as_str)
+    else {
+        return;
+    };
+
+    let Ok(bytes) = hex::decode(key_str) else {
+        return;
+    };
+    let Ok(raw) = <[u8; 32]>::try_from(bytes.as_slice()) else {
+        return;
+    };
+
+    let key_id = key_id_for_preload_backend(&Key::Ed25519(Ed25519Key::from_bytes(&raw)));
+    blend.insert(key_id_key, Value::String(key_id));
+}
+
 fn cryptarchia_section(yaml_value: &mut Value) -> Option<&mut Mapping> {
     yaml_value
         .as_mapping_mut()
@@ -19,6 +51,13 @@ fn cryptarchia_section(yaml_value: &mut Value) -> Option<&mut Mapping> {
         .and_then(Value::as_mapping_mut)
 }
 
+fn blend_section(yaml_value: &mut Value) -> Option<&mut Mapping> {
+    yaml_value
+        .as_mapping_mut()
+        .and_then(|root| root.get_mut(&Value::String("blend".into())))
+        .and_then(Value::as_mapping_mut)
+}
+
 fn ensure_network_adapter(cryptarchia: &mut Mapping) {
     if cryptarchia.contains_key(&Value::String("network_adapter_settings".into())) {
         return;
diff --git a/testing-framework/core/src/nodes/common/node.rs b/testing-framework/core/src/nodes/common/node.rs
index 3553423..3b3fa59 100644
--- a/testing-framework/core/src/nodes/common/node.rs
+++ b/testing-framework/core/src/nodes/common/node.rs
@@ -185,7 +185,8 @@ where
 
 fn write_node_config<C: Serialize>(config: &C, config_path: &Path) -> Result<(), SpawnNodeError> {
     super::lifecycle::spawn::write_config_with_injection(config, config_path, |yaml| {
-        crate::nodes::common::config::injection::inject_ibd_into_cryptarchia(yaml)
+        crate::nodes::common::config::injection::inject_ibd_into_cryptarchia(yaml);
+        crate::nodes::common::config::injection::inject_blend_non_ephemeral_signing_key_id(yaml);
     })
     .map_err(|source| SpawnNodeError::WriteConfig {
         path: config_path.to_path_buf(),
diff --git a/versions.env b/versions.env
index a5239fc..7423ff7 100644
--- a/versions.env
+++ b/versions.env
@@ -1,7 +1,7 @@
 VERSION=v0.3.1
 NOMOS_BUNDLE_VERSION=v4
 # Pinned nomos-node revision used for CI builds and binary bundles.
-NOMOS_NODE_REV=6bdb09567d21cd1e53527846a9cd48493ad49387
+NOMOS_NODE_REV=aa/kms-integration
 
 # Optional: local nomos-node checkout override (do not commit absolute paths).
 # NOMOS_NODE_PATH=