You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It should be possible to rotate ledger secrets (which are at the moment the same as network secrets) without executing a full recovery process. This is necessary to enable key-shares, as described in the TR, as opposed to the current sealing key approach.
The text was updated successfully, but these errors were encountered:
Split network secrets into network identity and ledger key. At the moment, all secrets are updated in one go during recovery but re-keying should only affect the ledger key sd.
Figure out a way to be resilient to elections. The new ledger key needs to be written to the ledger, encrypted under a key shared between the current leader (and not the leader that the follower joined) and the followers -> Create a new node key-pair for encryption purposes.
Create a new member RPC to trigger re-keying (possibly taking an optional KV index argument to re-key from?).
Refactor nodestate.h codes that deals with writing to the ccf.secrets table so that it is available as a generic utility.
Guaranteeing that transactions happen at a given index is going to be difficult, it's probably much easier and equally usable to return from what index the re-keying applies once it's done instead.
It should be possible to rotate ledger secrets (which are at the moment the same as network secrets) without executing a full recovery process. This is necessary to enable key-shares, as described in the TR, as opposed to the current sealing key approach.
The text was updated successfully, but these errors were encountered: