Multiple owners in the pool, signing registration-certificate

I am in the process of setting up a pool that has multiple owners. The operator will not have control over the signing key of the other owners.

Now I am running into the issue that in order to sign the Pool registration-certificate, it MUST be signed by all owners.
Failing to include the owner’s skey gives an error with “MissingVKeyWitnessesUTXOW”. At least, this is my assumption based on the specs: https://hydra.iohk.io/build/902246/download/1/delegation_design_spec.pdf#subsubsection.3.4.4

So,

  • Am I correct that I need the signingKey of all the owners ?
  • What is the best way to get this transaction signed with signingKeys I have no control over?
  • Or should I just ask the other owners for the signingKey? (I have no idea yet what the abuse potential is of having a signingKey of someone else)
  • Or is there a way to sign a transaction in multiple steps? (send the transaction to the other owners to be signed).

Thanks in advance!

Yes, you will need to sign the transaction with all stake skeys

I believe each owner can sign transaction individually, but I have not attempted this. Worst case, I personally see no real danger in requesting the owner to provide their stake keys. From an adversarial perspective, the worst you could do as a malicious actor is either un-delegate their stake or re-delegate to another pool, either of which action would tank your pool pledge. You as the operator with the pool cold keys could disrupt the pool regardless, so therefore I don’t see an issue.

As long as the other owner does not share payment address keys, those funds will be safe.

1 Like

Just tried it and basically signed the transaction with two stake.skeys where Bob and Alice contribute to pledge:
cardano-cli shelley transaction sign
–tx-body-file tx.raw
–signing-key-file payment.skey
–signing-key-file Alicestake.skey
–signing-key-file Bobstake.skey
–signing-key-file cold.skey
–mainnet
–out-file tx.signed

1 Like