keystore.md

Keystore management

Key types

Key types can be conditionally divided into two groups: agents and validators.

Agents keys are used for linking content, sending liquid tokens, delegating, redelegating, and undelegating tokens to validators. Also, withdrawing rewards, voting and creating multisig accounts.

• bostrom a.k.a. address. Cyber application key.

  • Derived from account mnemonic phrase, generated by cyber keys add
  • e.g. bostrom 15h6vd5f0wqps26zjlwrc6chah08ryu4hzzdwhc

• bostrom pub the public key of an account address. It is used for generating multisig addresses.

  • Derived from account mnemonic phrase, generated by cyber keys add
  • e.g. bostrom pub1zcjduc3q7fu03jnlu2xpl75s2nkt7krm6grh4cc5aqth73v0zwmea25wj2hsqhlqzm

All agents keypairs are stored locally in the PATH_TO_CYBER/keys folder.

Validators are actors on the network committing new blocks by submitting their votes. This refers to the node itself, not a single person or a single account. Therefore, the public key here is referring to the nodes public key, not the public key of the agent address.

• bostrom valoper validator application-level address. It is associated with a public key bostrom valconspub. This is the address used to identify your validator publicly. The private key associated with this address is used to delegate, unbond, claim rewards, and participate in governance. Generated by cyber on the application level. Application keys are associated with a public key prefixed by bostrom pub and an address prefixed by cyber network. Both are derived from account keys generated by cyber keys add.

  • e.g. bostrom valoper1carzvgq3e6y3z5kz5y6gxp3wpy3qdrv928vyah

• the public key of node/validator address has been recently migrated to protobuf look. The private key associated with this Tendermint PubKey is used to sign prevotes and precommits.

• Generated when the node is created

• Get this value with cyber tendermint show-validator

• e.g. {"@type":"/cosmos.crypto.ed25519.PubKey","key":"YxN/kkQlXBwKNF4Cgi6tiqMh2ae8+tpo9VxENmFUhv8="}

Note: A validator's operator key is directly tied to an application key, but uses reserved prefixes solely for this purpose: bostrom valoper.

A nodes keypair is stored in node_key.json and priv_validator_key.json at $HOME/.cyber/config folder. You can delete them and restart cyber if you want to change this keypair. The new pair will be created automatically.

Generate keys

You'll need an account private and public key pair (a.k.a. sk, pk respectively) to be able to receive funds, send txs, bond tx, etc.

To generate a new secp256k1 key:

cyber keys add <account_name>

Next, you will have to create a passphrase to protect the key on disk. The output of the above the command will contain a seed phrase. It is recommended to save the seed phrase in a safe place so that in case you forget the password, you could eventually regenerate the key from the seed phrase with the following command:

cyber keys add <account_name> --recover

Also, you can import your Cosmos account to cyber cli using seed phrase:

cyber keys add <account_name> --recover 

cyber provides compatibility of Cosmos with Cyber addresses.

You can check your application account details by account name:

cyber keys show <account_name>

You can see all of your available keys by typing:

cyber keys list

View the validator pubkey for your node by typing:

cyber tendermint show-validator

Note that this is the Tendermint signing key, not the operator key you will use in delegation transactions.

Important note: Starting with v.38 cosmos-SDK uses os-native keyring to store all your keys. We've noticed that in certain cases this does not work well by default (for example if you don't have any GUI installed on your machine). If during the execution of the cyber keys add command you get this type of error:

panic: No such interface 'org.freedesktop.DBus.Properties' on object at path /

goroutine 1 [running]:
github.com/cosmos/cosmos-sdk/crypto/keys.keyringKeybase.writeInfo(0x1307a18, 0x1307a10, 0xc000b37160, 0x1, 0x1, 0xc000b37170, 0x1, 0x1, 0x147a6c0, 0xc000f1c780, ...)
    /root/go/pkg/mod/github.com/cosmos/[email protected]/crypto/keys/keyring.go:479 +0x38c
github.com/cosmos/cosmos-sdk/crypto/keys.keyringKeybase.writeLocalKey(0x1307a18, 0x1307a10, 0xc000b37160, 0x1, 0x1, 0xc000b37170, 0x1, 0x1, 0x147a6c0, 0xc000f1c780, ...)
    /root/go/pkg/mod/github.com/cosmos/[email protected]/crypto/keys/keyring.go:465 +0x189
github.com/cosmos/cosmos-sdk/crypto/keys.baseKeybase.CreateAccount(0x1307a18, 0x1307a10, 0xc000b37160, 0x1, 0x1, 0xc000b37170, 0x1, 0x1, 0x146aa00, 0xc000b15630, ...)
    /root/go/pkg/mod/github.com/cosmos/[email protected]/crypto/keys/keybase_base.go:171 +0x192
github.com/cosmos/cosmos-sdk/crypto/keys.keyringKeybase.CreateAccount(...)
    /root/go/pkg/mod/github.com/cosmos/[email protected]/crypto/keys/keyring.go:107
github.com/cosmos/cosmos-sdk/client/keys.RunAddCmd(0xc000f0b400, 0xc000f125f0, 0x1, 0x1, 0x148dcc0, 0xc000aca550, 0xc000ea75c0, 0xc000ae1c08, 0x5e93b7)
    /root/go/pkg/mod/github.com/cosmos/[email protected]/client/keys/add.go:273 +0xa8b
... etc

You will have to use another keyring backend to keep your keys. Here are 2 options: store the files within the cli folder or a pass manager.

Using the keyring backend as a local file:

Execute:

cyber keys add <key_name> keyring-backend file

This means that you've saved your keyring-backend to a local file. Note, in this case, all the keys in your keyring will be encrypted using the same password. If you would like to set up a unique password for each key, you should set a unique --home folder for each key. To do that, just use --home=/<unique_path_to_key_folder>/ with setup keyring backend and at all interactions with keys when using cyber cli:

cyber config keyring-backend file --home=/<unique_path_to_key_folder>/
cyber keys add <your_second_key_name> --home=/<unique_path_to_key_folder>/
cyber keys list --home=/<unique_path_to_key_folder>/