I’m wondering whether I can delegate to my own pool [ASTOR] from Daedalus and pledge those funds? Currently, every time I do some admin work I use the payment.skey to sign the respective Tx. This key would also give access to the Live Stake that I pledge.
In other words, every time I pay for chewing gum I open the vault with the family jewels.
Ideally, I’d like to keep my pledged funds on the Ledger.
Can I do this, or must the pledge come from one of the owner’s payment addresses?
I guess it all boils down to pledging “your own” funds or just pledge anybody’s funds. If “your own” is a requirement the network needs to have some sort of proof of ownership from a pool owner. If on the other hand I have a gentleman’s agreement (perhaps with myself) that I can pledge their funds, the network would not have an association with a pool owner.
Following this process, I got a payment.addr with associated keys. Currently, that address also holds my pledge. Every time I update my metadata I pay the fees from that payment.addr. So, at least for a short while my payment.skey is floating around the network and eventually lands on some node where it can sign my update Tx.
If for some (unforeseeable) reason, somebody got hold of that payment.skey all of those pledged funds are gone. Ideally, I’d like to remove all but a few pennies from the payment.addr and hold my pledge elsewhere - for example in Daedalus connected to my LedgerX.
So I wonder if I can do that without breaking my pool’s integrity.
From what I understand (not tested yet) you can create transactions on an offline machine (no internet connection) and then register the transactions in to the blockchain on your online machine… that way your keys will be safe (will never leave your offline machine)
But regarding the ledger I don’t know the answer, I will let someone else to clarify it;
First, you should not use your pledge payment account for your daily work. Create a second small operator wallet for this with just a few ada in it. Your pledge payment.skey should never be around.
Also, if you wanna do transactions offline, if have updated my popular operator scripts so they can also run in fully offline mode. Take a look at the Instructions and usage here.
Make yourself one, two or three more small accounts for the operator work like updating the pool registration, claiming rewards, etc. Yes, you can claim your rewards with another payment wallet and claim the rewards to your pledge account if you like…
Thanks Martin, how about the core of my question: Can I pledge the funds that somebody delegated to my pool? For example, funds from a friend who has promised not to move those funds elsewhere or even funds that I hold myself in my Daedalus wallet.
For example …
Active Stake: 300k
Owner Stake: 50k (out of those 300k)
Can I set --pool-pledge 300k because I know that the active stake will not drop below 300k?
Not like that you cannot. You will need to sign the pool certificate with the stake secret key(s) of your friend(s).
Now, this will soon be possible using hardware wallets and sequential signing of a transaction using witnesses. So that way, none of your co-owners need to share anything but the witnesses after signing. This is not ready as we speak, and will be delivered in January 2021 (may be).
The rewards that a stake pool gets depend on a pledge of funds that the stake pool owner(s)provide. This adds a cost to creating a competitive stake pool, and protects against Sybil attackson the stake pool level (Section 2.2.1). In order to differentiate between delegated and pledgedstake, the stake pool operator will include a list of stake addresses, the owner stake addresses,in the certificate. Stake delegated from any of the owner stake addresses will be countedtowards the stake pledged by the owner(s). Note that this still requires delegation certificatesto be posted14. Using alistof owner stake addresses allows for stake pool operators to usemultiple accounts/wallets for delegating the stake they pledged. It also allows a group of peoplecombining their stake to form a competitive pool, without losing any control over their funds(see also the discussion in Section 3.3.5).
In the end, I moved all funds from Daedalus to one of the ower’s payment.addr. Then, I created a new payment.addr (without associated stake addr) like this
if [ ! -f "$TARGET" ]; then
cardano-cli address key-gen \
--verification-key-file ~/cardano/keys/pool/payment.vkey \
if [ ! -f "$TARGET" ]; then
cardano-cli address build \
--payment-verification-key-file ~/cardano/keys/pool/payment.vkey \
--out-file ~/cardano/keys/pool/payment.addr \
parameter. This address, together with its associated skey) allows me to pay for fees - the address only holds a very small amount of ADA. The signing keys from the owner accounts (that hold the pledge) never need to go online.