When rotating KES keys, the op.cert and cold.counter are updated, any other files changed?
Is there a penalty for rotating pool keys to early? or too many times? should we wait until expiration before rotating?
I think I read that rotating KES Keys has an impact on your pool being chosen for minting blocks…ie. while not expired, you can delay when your pool is chosen for slots and/or minting blocks if done ‘incorrectly’ or not according to best practices.
I think for many of us, rotating KES keys sounds like a way for the network to make sure all of the nodes are not being abandoned however, it’s more complex then that, right? It will affect the slots that you’re picked for(?) Any input is appreciated…it is definitely better to understand the ‘behind the scenes’ and how NOT to rotate keys when still being within expiration.
a. On a side note: can you confirm that I am able to delete all wallet files from producer node? (obviously keeping these files on offline machine)
b. and just for additional confirmation…With CNTools, the only files I NEED on producer to mint blocks are the vrf.skey, op.cert, kes.start, right? (I don’t need the hot.skey, hot.vkey to mint blocks?)
ugh, I’m a new SPO with 500k stake (3rd epoch) and still waiting for first block…I’m getting nervous that something is wrong but all signs point to ‘GOOD’ so, Im TRYING to be patient. lol
I rotated the KEYs 2 days ago; look what can I confirm to you:
These are the files which will be updated:
Jan 8 21:10 hot.vkey
Jan 8 21:10 kes.start
Jan 8 21:10 op.cert
You can rotate the KES Keys earlier, I rotated with 8 days before to expire; you should not wait till last day because who knows what can happens and you will not have enough time to fix it
I prefer if I have a slot assigned to not performed any actions; After that I can do what I have to do (upgrade, etc); So yes, if your KEYS are valid better to not change them if you have a slot assigned
You can delelte all files you have also it is recomended to do that but you need to keep on BP :
hot.skey
op.cert
vrf.skey
You can go in cnode.sh script and you will see at the end what files it use when it’s start the node
2: Not that I know of, but you only need to rotate them before they expire or if you think they have been compromised.
3: Not that I know of
4a: Wallet files are not need once you have signed the transactions. However if you are using cntools (a good choice IMO) you may prefer to simply encrypt them with a very strong random password (32 chars recommended so you have similar entropy in password to encryption strength)
4b: I would suggest to keep them there, the pool is designed to run with hot keys online, and the cold keys can be offline (hence the names)
On the last comment I would suggest setting up cncli (given you are using cntools) according to the GuildOps docs and that way you will actually know when your node is going to produce blocks down to the specific slot. It takes all the guesswork out and is highly recommended as it also allows you to plan maintenance windows.
HTH.
I see I was beaten to the response, so simply read what’s above
How do you know if you have a slot assigned? I’m not seeing it in gLiveView.sh
I was able to see it in rtView but have since switched to Grafana (I using the standard IOHK-Cardano dashboard right now and don’t see slot assignment).
You are able to see via cncli script
If u run ./cncli leaderlog or something like that… I don’t remeber the name well but if u type ./cncli.sh u will see the options
I had cncli set up but ran into some issues then I disabled everything except pooltool sendtip. I figured right now, I’d take a deep breath and stop messing around with things…
correction: I’ll stop messing around after I do alex’s recommended idea for cncli-leaderlog…looks like I’m diving back in. lol
Hei, if u are running only the cncli leaderlog I am sure u will be ok, u need to run once at the beggining of the epoch to see if u have slots assigned… after that u can use only pooltool sendtip
And heads up… I’m sure the first slot is arround the corner
your node was crashed, as you tried to create the ledger.json file.
you can create this file from another system which is not your BP or relays.
prepare a node with cnode at home and prepare the file,
cardano-cli query ledger-state --mainnet --allegra-era --out-file ledger.json
then you can move file to your BP,
rsync -avz -e “ssh -p 222” /home/user/file/ledger.json BP_user@192.168.1.1:/opt/cardano/cnode/scripts
then connect on BP, and run the scripts
python3 getSigma.py --pool-id 437240728470741THISisYOURpoolID3489759279279 --ledger /opt/cardano/cnode/scripts/ledger.json
you receive a Sigma
building active stake
Sigma: 2.338473482938294074e-06
and then you check the leaderlog
python3 leaderLogs.py --vrf-skey /opt/cardano/cnode/priv/pool/tts17/vrf.skey --sigma 2.338473482938294074e-06
please adapt all the necessary paremeters based on your outputs
Hi RRusso84: For the actual view of being a slotleader: In Grafana you can add a ‘stat’ with the following variabels: (cardano_node_metrics_Forge_forge_about_to_lead_int - cardano_node_metrics_Forge_node_not_leader_int)
The subtraction gives you the result if you are a slot leader or not.
I run this leaderlogs as well, by starting a local node.
You don’t have to move files to your BP node, you can run all the commands locally. I put it all together in a script.
Ok, Haha! No, sorry: For Grafana it is only (nearly) realtime info. Just to check on the specific time if you become the slotleader. For prediction you need to run indeed the leaderlogs.
