search
githubEdit

Setting up a Mithril Signer

The Mithrilarrow-up-right project implements Stake-based Threshold Multisignatures on the Cardano network. The Mithril protocol allows individual stakeholders in the Cardano blockchain network to sign messages aggregated into a multi-signature, guaranteeing that the stakeholders represent a minimum share of the total stake.

To set up a Mithril Signer, you need to:

  1. Install Mithril Signer on the block-producing node for your stake pool.

  2. Implement Squidarrow-up-right as a forward proxy on one the relays for your stake pool.

Implementing a Mithril Signer and Relay enables your stake pool to contribute to securing the integrity of Mithril snapshots available on the Cardano network.

circle-info

Mithril has numerous potential applications, including synchronizing data for both light and full-node wallets, as well as facilitating data exchanges with layer 2 solutions such as bridges, sidechains, rollups and state channels. For most stake pools, implementing a Mithril client to bootstrap a Cardano Node using a Mithril snapshot is not necessary.

hashtag
Installing Mithril Signer on Your Block Producer

To install Rust:

  1. Using a terminal window on your block producer, type the following command:

curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh

  1. When prompted, press 1 to proceed with a standard installation

  2. To set up the current shell session, type:

source "$HOME/.cargo/env"

  1. To verify the Rust version, type:

rustc --version

To install Mithril:

  1. To download Mithril, using a terminal window on your block producer, type:

  1. To identify the latest Mithril version available, visit the Latest Releasearrow-up-right page in the Mithril GitHub repository.

  2. To select the latest version, type the following command where is the version that you identified in step 2

  1. To build Mithril Signer, type:

  1. To verify that Mithril compiled successfully, type:

  1. To move the mithril-signer binary to a dedicated folder, type:

  1. To configure environment variables, type the following command where <SquidRelayIPAddress> is the IP address of the relay in your stake pool configuration where you plan to implement the Squid forward proxy:

  1. To create a systemd service to manage Mithril, type:

  1. In the mithril-signer.service file, copy and paste the following lines where <UserName> is the user under which to execute the processes of the service, <EnvFilePath> is the full path to the mithril-signer.env file, and <ExecFilePath> is the full path to the mithril-signer binary executable file.

  1. To move the mithril-signer.service file and set file permissions, type:

  1. To enable the service to start when the block producer boots, type:

  1. To start the service, type:

  1. To verify that the service is running, type:

  1. Optionally, to remove the Mithril source files, type:

hashtag
Implementing Squid on a Relay Node

Configuring Squid as a forward proxy on a relay node in your stake pool configuration handles network traffic between a Mithril Signer and Mithril Aggregator securely. Mithril Aggregator is responsible for collecting and aggregating individual signatures from Mithril Signers into a multi-signature. To protect the security of your block-producing node, use the following Squid configuration.

To configure Squid:

  1. On the relay node where you want to set up a forward proxy to protect your Mithril Signer, type:

  1. To configure Squid, type:

  1. In the squid.conf file, copy and paste the following lines where <SquidRelayIPAddress> is the IP address where the relay hosting Squid listens, and <BlockProducerIPAddress> is the IP address of the block-producing node hosting Mithril Signer:

  1. To configure UFW firewall rules for Squid, type the following command where <BlockProducerIPAddress> is the IP address of your block-producing node hosting Mithril Signer, and <SquidRelayIPAddress> is the IP address of the relay node hosting Squid:

  1. To restart Squid, type:

hashtag
Verifying Your Mithril Signer Implementation

To verify that your Mithril Signer is registered:

  1. Type the following commands to download the verify_signer_registration.sh script:

  1. To run the script, type the following command where is your stake pool ID using Bech32 format:

If your Mithril Signer is registered, then the script displays:

circle-info

To verify manually that your Mithril Signer is registered, visit the URL https://aggregator.release-mainnet.api.mithril.network/aggregator/signers/registered/<CurrentEpoch> using a Web browser, where is the current Cardano epoch, and then search the Web page for your stake pool ID in Bech32 format.

After waiting two epochs, you can verify that your Mithril Signer signs certificates.

To verify that your Mithril Signer signs certificates:

  1. Type the following commands to download the verify_signer_signature.sh script:

  1. To run the script, type the following command where is your stake pool ID using Bech32 format:

If your Mithril signer signs certificates, then the verify_signer_signature.sh script displays a list of certificates that your Mithril Signer signed.

PreviousSecuring Your Stake Pool Using a Hardware WalletNextPART IV - ADMINISTRATION & MAINTENANCE

Last updated