From d7545b3d88b1405ea6b099012680281e16998595 Mon Sep 17 00:00:00 2001 From: jm-clius Date: Wed, 18 May 2022 13:30:48 +0000 Subject: [PATCH] deploy: 185485c336ec73c44c09bbe61c5c579f846649bf --- .../vendor/libbacktrace-upstream/libtool | 2 +- waku/v2/README.md | 55 +++++++++++++++++++ 2 files changed, 56 insertions(+), 1 deletion(-) diff --git a/vendor/nim-libbacktrace/vendor/libbacktrace-upstream/libtool b/vendor/nim-libbacktrace/vendor/libbacktrace-upstream/libtool index 5d736f440..e9d59d5c5 100755 --- a/vendor/nim-libbacktrace/vendor/libbacktrace-upstream/libtool +++ b/vendor/nim-libbacktrace/vendor/libbacktrace-upstream/libtool @@ -2,7 +2,7 @@ # libtool - Provide generalized library-building support services. # Generated automatically by config.status (libbacktrace) version-unused -# Libtool was configured on host fv-az457-860: +# Libtool was configured on host fv-az214-470: # NOTE: Changes made to this file will be lost: look at ltmain.sh. # # Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, diff --git a/waku/v2/README.md b/waku/v2/README.md index b32007173..c89b233ee 100644 --- a/waku/v2/README.md +++ b/waku/v2/README.md @@ -144,6 +144,61 @@ make docker-image MAKE_TARGET=wakunode2 docker run --rm -it statusteam/nim-waku:latest --help ``` +## Generating and configuring a private key + +By default a node will generate a new, random key pair each time it boots, +resulting in a different public libp2p `multiaddrs` after each restart. + +To maintain consistent addressing across restarts, +it is possible to configure the node with a previously generated private key using the `--nodekey` option. + +```shell +wakunode2 --nodekey=<64_char_hex> +``` + +This option takes a [Secp256k1](https://en.bitcoin.it/wiki/Secp256k1) private key in 64 char hexstring format. + +To generate such a key on Linux systems, +use the openssl `rand` command to generate a pseudo-random 32 byte hexstring. + +```sh +openssl rand -hex 32 +``` + +Example output: + +```sh +$ openssl rand -hex 32 +6a29e767c96a2a380bb66b9a6ffcd6eb54049e14d796a1d866307b8beb7aee58 +``` + +where the key `6a29e767c96a2a380bb66b9a6ffcd6eb54049e14d796a1d866307b8beb7aee58` can be used as `nodekey`. + +To create a reusable keyfile on Linux using `openssl`, +use the `ecparam` command coupled with some standard utilities +whenever you want to extract the 32 byte private key in hex format. + +```sh +# Generate keyfile +openssl ecparam -genkey -name secp256k1 -out my_private_key.pem +# Extract 32 byte private key +openssl ec -in my_private_key.pem -outform DER | tail -c +8 | head -c 32| xxd -p -c 32 +``` + +Example output: + +```sh +read EC key +writing EC key +0c687bb8a7984c770b566eae08520c67f53d302f24b8d4e5e47cc479a1e1ce23 +``` + +where the key `0c687bb8a7984c770b566eae08520c67f53d302f24b8d4e5e47cc479a1e1ce23` can be used as `nodekey`. + +```sh +wakunode2 --nodekey=0c687bb8a7984c770b566eae08520c67f53d302f24b8d4e5e47cc479a1e1ce23 +``` + ## Configuring a domain name It is possible to configure an IPv4 DNS domain name that resolves to the node's public IPv4 address.