Multiple owners in the pool, signing registration-certificate

Just tried it and basically signed the transaction with two stake.skeys where Bob and Alice contribute to pledge:
cardano-cli shelley transaction sign
–tx-body-file tx.raw
–signing-key-file payment.skey
–signing-key-file Alicestake.skey
–signing-key-file Bobstake.skey
–signing-key-file cold.skey
–mainnet
–out-file tx.signed

1 Like

Hey Frog, how do you create multiple keys for multiple pool owners? Creating multiple keys seems simple enough but how do you associate these multiple keys to my one pool?

I am using coincashew and it provides no guidance on this topic thanks in advance.

How did you go about partially signing the registration? I am in a similar situation but wont be able to get access to the pledge’s payment signing key (So I cannot abuse the funds)

you don’t need the pledge payment signing key - any arbitrary payment address can be use to pay the transaction fees / deposits associated with submitting the transaction

first - simply create multiple address keys with different names

For example:

1 rewards.skey, rewards.vkey, rewards.addr
2 pledge1.skey, pledge1.vkey, pledge1.addr
3 pledge2.skey, pledge2.vkey, pledge2.addr

Make sure to register each stake addresses as well as create delegation certs for each stake address

Pool registration params will look something like this:


–pool-reward-account-verification-key-file ~/path/to/rewards.vkey \
–pool-owner-stake-verification-key-file ~/path/to/pledge1.vkey \
–pool-owner-stake-verification-key-file ~/path/to/pledge2.vkey \

1 Like

And of course, do not forget to sign the tx with as many secrets keys as addresses involved.

1 Like

Thanks for your reply frog :smiley:
I hadn’t thought about another payment address :sweat_smile:, but what can be done about the stake.skey? Is it critical that this key is cold?

While it’s not best practice to throw stake keys around, the worst a malicious actor could really do is re-delegate your stake (or unregister your stake address) without your permission - meaning you would simply need to move the funds to a new address (hence new stake key) - this could harm the pool, but I don’t see many cases where you would trash your own operation by re-delegating your partners stake keys. If you were to run off and create a separate pool using them all the other party would need to do is send the funds to a new address which would effectively make the stake keys useless.

With that being said, you can sign in counterparts using witnesses assuming the other party is sophisticated enough to use the cli. I don’t have an example offhand but I’m sure I could dig something up if that’s the route you want to go.

Let me know - I will have some time tomorrow to help

Your friend, FROG

And widthdraw your rewards if any :slight_smile:

2 Likes

Thanks for the explanation that helps alot :smiley:
If you don’t mind, an example of using a witness would be great thanks. I cant seem to find many resources online explaining this process, so learning how to do so would be super helpful regardless. :pray:

Yep - but only if the relevant stake address correlates the rewards address registered for the pool. This would not be the case with a pledge (owner address) that is different than the registered rewards address.

Buy absolutely true otherwise for a regular delegated stake address (non-pool owner address)

1 Like

This is interesting. By multiple keys (rewards, pledge1, pledge2), you really mean multiple pairs (stake+payment) of keys, right?

In other words, what you suggesting is that we create the following 3 pairs of keys:

  1. SPO - rewards-stake.skey, rewards-stake.vkey, rewards-payment.skey, rewards-payment.vkey
  2. owner 1 - pledge1-stake.skey, pledge1-stake.vkey, pledge1-payment.skey, pledge1-payment.vkey
  3. owner 2 - pledge2-stake.skey, pledge2-stake.vkey, pledge2-payment.skey, pledge2-payment.vkey

Can you or anyone verify my following understanding is also correct:

  1. Each owner would need to create delegation cert and register on chain

    • owner1 : node.vkey + pledge1-stake.vkey → deleg1.cert
    • owner2 : node.vkey + pledge2-stake.vkey → deleg2.cert
  2. When SPO creates the pool.cert, we need following parameters

    –pool-reward-account-verification-key-file ~/path/to/rewards-stake.vkey
    –pool-owner-stake-verification-key-file ~/path/to/pledge1-stake.vkey
    –pool-owner-stake-verification-key-file ~/path/to/pledge2-stake.vkey \

  3. When SPO build the transaction to register the pool, it would need all the delegation certs as well as the pool.cert

    –certificate-file pool.cert
    –certificate-file deleg1.cert
    –certificate-file deleg2.cert \

  4. When SPO signs the transaction to register the pool, it would use the following parameters (assuming transaction fee and deposite comes from rewards account)

    –signing-key-file rewards-payment.skey
    –signing-key-file node.skey
    –signing-key-file pledge1-stake.skey
    –signing-key-file pledge2-stake.skey \

  5. Individual owners would fund to their own pledge payment account.

  6. All rewards would go to rewards-payment account. SPO would have to divided it up and distribute to owners.

  7. In the above scenario, SPO can be one of the owners or be different from any one of them.

Also note in the above scenario SPO need to share node.vkey with owners, and owners need to share pledge-stake.vkey and pledge-stake.skey with SPO.

3 Likes

Correct.
Step 4 > You need to sign with the --signing-key-file rewards-payment.skey only if it is the wallet that pays for the tx fees. Otherwise, any other funded wallet paying for the tx fees will be fine as well.

Thanks. For step 4, do we need rewards-stake.skey to sign as well?

1 Like

No. It is not required for pool registration.

1 Like

Interesting. I guess the rational is no need stake holder’s authorization for receiving reward!

Thanks. I’m going to try out the process outlined with testnet and maybe update everyone here later.

I have verified the above scheme works. I managed to updated my existing single-owner pool with 2 owner and a separate SPO account. You can find my test pool at Cardano PoolTool - The most comprehensive staking statistics for Cardano on the web.

In this process I also created a diagram to illustrate the relationship among all keys, certs and processes. Hope it helps. I will probably write a blog to flesh it out.

Also another thing that is probably worth sharing

  • I used Daedalus wallet to create 2 accounts. One is delegated to some random pool, while the 2nd one is not.
  • I used extraction tool to extract stake key and payment key from those 2 accounts and used them as the 2 owners
  • it turns out I only need to register stake addr for the 2nd account. No need for the first account since it was already registered by Daedalus when I delegated it out for the first time.

4 Likes

I have a couple of more questions regarding this 2-owner setup. Hopefully someone can help out

  • is rewards account balance counted towards pledge? (probably no since we did not make it as one of the owner account)
  • is rewards account balance counted towards pool live stake?
  • I managed to re-delegate one of the owner account to another pool, which seems crazy to me. Is owner account allowed to be re-delegated to some other pool? If so, what is the status the original pool?

Thanks!

1 Like

@Jun_Sun

Tip: DO register your rewards account stake key as one of the owners (I did it for my pool), so with two real people, you have three owners. In that way the rewards do count towards determining if pledge is met. So once rewards are accumulating, an owner can decide to withdraw some funds from his/her payment address without violating minimum pledge and without asking the SPO to transfer some of the rewards. Notice though it doesn’t matter for the pledge counted in the rewards formula, there only the amount registered in the pool registration certificate matters; any pledge above the minimum just counts as normal stake (I think…).

Rewards account balance only counts to live stake if the delegation certificate is registered on the blockchain (during pool registration or just as regular delegation certificate registration).

If you redelegate an owner address to another pool, the certificate of this delegation replaces the one from the pool registration (this is the same as changing delegation with a ‘regular wallet’). The ADA from this owner doesn’t contribute to pledge and stake anymore. Also, the rewards from the new pool will be received on the stake address of this owner (instead of on a pool rewards account).

2 Likes

Thanks, @brouwerQ I like your advice of making reward account as one additional owner account. Great idea.

Just to get back to my original questions. I did some experiments, also take what @brouwerQ answered and I will summarize the answers below.

  • is rewards account balance counted towards pledge? (probably no since we did not make it as one of the owner account)

Not automatically. In fact you could have reward account delegated to another pool and things will be just fine.

  • is rewards account balance counted towards pool live stake?

Not unless it is delegated to your pool.

  • I managed to re-delegate one of the owner account to another pool, which seems crazy to me. Is owner account allowed to be re-delegated to some other pool? If so, what is the status the original pool?

It seems cardano is pretty relaxed on this aspects. All accounts (reward or owner) can be delegated to anther pool, and current spool is still considered in good standing. Of course pledge amount will be affected and staking amount as well.

2 Likes