TACo Node Recovery

Node Operator Security and Recovery Guidelines

As a node operator, it is critical to maintain the security of your keystores (private keys), passwords, and mnemonic phrases throughout the lifecycle of your node's operation. Ensuring the safekeeping of these elements is essential for continued access and control of your node. In the event of a loss, several built-in recovery tools are available to assist you in restoring normal operations.

Below are the three possible high-level recovery scenarios:

Recovery using a backup of keystore and password
Recovery using mnemonic
Complete loss of keystore and mnemonic

This documentation outlines the procedures to manage scenarios 1 and 2. However, please be advised that in the case of a complete loss of both the keystore and mnemonic, there are currently no recovery options available and you will need to shut down your node until a re-onboarding mechanism is included in a future software upgrade (this will result in reward withholding and/or stake slashing).

If you find yourself in this situation, please reach out for assistance by opening a support ticket in the Threshold Discord server under the #support-ticket channel.

Recovery

Recover a TACo node using a mnemonic and existing config

This command can be used to restore private keys on an existing node.

If using Docker commands, start by pulling the latest recovery image:

docker pull nucypher/nucypher:recovery

nucypher ursula recover

Recover or relocate a TACo node by creating a new configuration with mnemonic

This command can be used to completely relocate a node to a new host from scratch while preserving the original private keys.

nucypher ursula init ... --with-mnemonic

View public keys for a given mnemonic

This command is useful if you have a mnemonic but are unsure which public keys it produces.

nucypher ursula public-keys --from-mnemonic

Auditing

Below is documentation for node auditing commands that can be used to ensure correctness of passwords and mnemonics.Comment

Audit password and mnemonic

nucypher ursula audit

nucypher ursula audit --config-file <config path>

nucypher ursula audit --keystore-filepath <keystore path>

View mnemonic

This command can be used to view the mnemonic for existing private keys. This assumes you have the keystore file and it's associated password.

nucypher ursula audit ... --view-mnemonic

PreviousTACo Node Management NextStake Authorization

Last updated 8 months ago

hashtagNode Operator Security and Recovery Guidelines

hashtagRecovery

hashtagRecover or relocate a TACo node by creating a new configuration with mnemonic

hashtagView public keys for a given mnemonic

hashtagAuditing

hashtagAudit password and mnemonic

hashtagView mnemonic