Manage private keys
Last updated
Last updated
The TingChain has two types of private keys that it directly manages:
Private key used for the consensus mechanism
Private key used for networking by libp2p
Currently, the TingChain doesn't offer support for direct account management.
Based on the directory structure outlined in the Backup & Restore guide, the TingChain stores these mentioned key files in two distinct directories - consensus and keystore.
The private keys are stored in simple Base64 format, so they can be human-readable and portable.
:::info Key Type All private key files generated and used inside the TingChain are relying on ECDSA with the curve .
As the curve is non-standard, it cannot be encoded and stored in any standardized PEM format. Importing keys that don't conform to this key type is not supported. :::
The private key file mentioned as the consensus private key is also referred to as the validator private key. This private key is used when the node is acting as a validator in the network and needs to sign new data.
The private key file is located in consensus/validator.key, and adheres to the key format mentioned.
The private key file mentioned for networking is used by libp2p to generate the corresponding PeerID, and allow the node to participate in the network.
It is located in keystore/libp2p.key, and adheres to the key format mentioned.
As the key files are stored in simple Base64 on disk, they can be easily backed up or imported.
:::caution Changing the key files Any kind of change made to the key files on an already set up / running network can lead to serious network/consensus disruption, since the consensus and peer discovery mechanisms store the data derived from these keys in node-specific storage, and rely on this data to initiate connections and perform consensus logic :::