"Error converting signing metadata to Artifact Signer: KeyStore file not found" after upgrading to 24.6

Consensys / web3signer

Web3Signer is an open-source signing service capable of signing on multiple platforms (Ethereum1 and 2, Filecoin) using private keys stored in an external vault, or encrypted on a disk.

https://docs.web3signer.consensys.net/

Apache License 2.0

183 stars 68 forks source link

"Error converting signing metadata to Artifact Signer: KeyStore file not found" after upgrading to 24.6 #1005

Open sauliusgrigaitis opened 1 week ago

sauliusgrigaitis commented 1 week ago

consensys/web3signer:24.2 docker image loads the keys, however consensys/web3signer:latest throws errors:

...
024-06-21 20:25:13.392+00:00 | ForkJoinPool.commonPool-worker-21 | ERROR | SignerLoader | Error converting signing metadata to Artifact Signer: KeyStore file not found: file:/opt/keys/web3signer/1.json
2024-06-21 20:25:13.392+00:00 | ForkJoinPool.commonPool-worker-1 | ERROR | SignerLoader | Error converting signing metadata to Artifact Signer: KeyStore file not found: file:/opt/keys/web3signer/2json
2024-06-21 20:25:13.392+00:00 | ForkJoinPool.commonPool-worker-9 | ERROR | SignerLoader | Error converting signing metadata to Artifact Signer: KeyStore file not found: file:/opt/keys/web3signer/3.json
...

usmansaleem commented 1 week ago

@sauliusgrigaitis Can you give the detailed docker command that you are using? It might be due to incorrect volume or file permissions, but need more details to figure out whats going wrong. Feel free to forward detailed logs to my Consensys email if privacy is a concern. usman(dot)saleem(at)consensys.net

sauliusgrigaitis commented 1 week ago

The command I run is:

docker run -it -v "/opt/holesky/:/opt/keys" --network=host consensys/web3signer:latest --http-listen-port=19500 --key-store-path /opt/keys/holesky --http-host-allowlist "x.x.x.x" eth2 --slashing-protection-db-url="jdbc:postgresql://localhost/holeskyweb3signer" --slashing-protection-db-username=user --slashing-protection-db-password=pass --key-manager-api-enabled=true --network=holesky

usmansaleem commented 1 week ago

There aren't any docker specific changes since last release (24.2.0). Can you run ls -alh on /opt/holesky on the host system? Based on the logs, it should contain web3signer folder. Can you also attach ls -alh output of at least one file under web3signer folder? The idea is to see permissions on the folder and its contents. KeyStore file not found: file:/opt/keys/web3signer/1.json suggests either incorrect folder/filename or permissions issues.