Restart the kerleano network with new consensus model?

[guenoledc]

@wiktorhejchman @HallmeSEB @rghoshfinaxys @sjehan @salehmaj

We have now a new version of the consensus that looks better and that resolve a number of points (thanks to @sjehan )

The geth code has changed, the governance smart contract also and the monitoring tool slightly also.

I would like to organize a complete restart of the kerleano network and properly simulate the initialization process and get ready for testing with APL/SGS also.

Please share your opinion on the matter (worth or not, timing, approach ...) before we execute

[rghoshfinaxys]

This is a fabulous opportunity to align all our sealers on the latest geth image :)

Given we'll be synchronizing, could we leverage this action to include initialization of the production network?

[wiktorhejchman]

I think this is a very good idea, both to restart kerleano and sync but also we could maybe initialize the prod network, as I understand it was supposed to happen sometime before the issuance?

We would need to have a bit of time to prepare for a production rollout of all our stuff, it's a copy of acc environment, but there are things to secure like dns, load-balancing etc.

Not sure when do you think we could go ahead with that is it before Christmas or after New Year?

[guenoledc]

I feel that we could start some actions for preparing the production ahead of christmas but the actual start will need to be when we have finalized the APL/SGS work

For the kerleano restart I was hoping to get this done after the intrinsec audit and the reherasal is completed

[guenoledc]

@rghoshfinaxys @wiktorhejchman

How do you want to proceed?

Can we schedule things?

[rghoshfinaxys]

I'd like to have free rein during the update process, so ideally I'd see something like

• announce to test users that the network will be unavailable at a scheduled time
• CACIB and SEB prepare the update ahead of time, with fallback in case of problems
• Update the network
• basic multi-party test

I can free up a half day for it: if all goes well it shouldn't take more than 30 minutes but it'd be nice to have time in case it doesn't.

I'm available next week, Thursday or Friday. Does this work for you, @guenoledc @wiktorhejchman ?

[guenoledc]

@rghoshfinaxys

I think we need to prepare a bit more ahead of this restart and have a meeting between us to agree on the process.

Maybe we can start documenting what would be required here

I can think of

• having a redefined genesis file uploaded with a release tag so we are sure to all download the right one
• having the latest binary released with a tag also
• we have 5 machines sealers. I can use mine to init the network and invite you in it. We will reuse the same wallets
• when restarted all our deployment need to be cleaned (because their synchro is at 3.8m block). We have no clear procedure to do this !

Anything else?

[wiktorhejchman]

@rghoshfinaxys @guenoledc

I still need to setup few things, fix database backup, preferrably also monitoring, update the code to finaxys latest version with any possible SEB changes considerations, it might take me a bit and I cannot really spend any time this week on it, next week will also be difficult but I can try. Initially, based on the fact that there are still things to do on our side to prepare for that I think I cannot commit to earlier than 8-9.12 at best probably to actually secure half a day for secure and stable relaunch with availability for fixes.

You guys are the experts so please feel free to educate me exactly what we need to have prepared beforehand etc.

[guenoledc]

@wiktorhejchman @rghoshfinaxys Hello, as discussed in today's syndicate call, we have agreed to try to reset the kerleano network on the 13/12/2022.

I will look into what is necessary in the coming days and document the procedure here. Stay tuned pls

[guenoledc]

The elements to collect for the genesis / governance smart contracts

• The wallet address of Guenole's node : 0x1311aef86d1db33db945fc488eeff1c6105b9593
• The wallet address of SGS as first auditor: 0xacf6441aa2b10726a273f3963a593104f11e4693 see node here
• The amount of ₡ to credit to SGS : see post below
• The BlockDelayBeforeVote governance constant for the improvement proposal: 3 months = (365/4)*(24*3600)/4 = 1,971,000
• The BlockSpanForVote governance constant for the improvement proposal: 1 month = (365/12)*(24*3600)/4 = 657,000
• The MaxNbBlockPerPeriod governance constant for the auditor amortization pledge: 3 months = (365/4)*(24*3600)/4 = 1,971,000
• The minPledge defined in AuditorGovernance.sol (to be converted to a global constant) : 5,000 ₡
• The number of seconds per block: 4
• The epoch size, as the number of block during which new node voting should take place. Any non conclusive vote after that period will be discarded: 1 week = 7*24*3600/4 = 151,200
• The activation of certain EIP (1559 : burnable fees, 155 : replay attack, in particular). After review of the changes, we should try to include all forks up to London.
• The chainId: 1804
• The genesis timestamp: 0x86e1970
• The blocks gas limit: 119 MGas or 0x717cbc0

==> These elements will be collected in a config file (pocr-network/genesis/kerleano-conf.json) that reference the name of a governance smart contract that will define the governance parameters. Then the script sc-carbon-footprint/prepare-genesis.js will generate the appropriate genesis file.

Create the genesis file

When all parameters are set in the pocr-network/genesis/kerleano.json, commit on a separate branch kerleano-v2 but starting from try-clear-footprint and create a release with tag. Use https://github.com/ethereum-pocr/ethereum-pocr.github.io/pull/28

When Creating the v2.0.0 tag the .github/workflows/build-and-release-kerleano.yml github workflow will be triggered creating a public realease. The tag will be used to download the file from each node

Building the geth module and related release

in the https://github.com/ethereum-pocr/go-ethereum repo, merge to main (this push the geth to the latest release) and create a release with a tag v1.10.26-pocr-2.0.0 to rebuild and create a geth stored in the assets of that release.

Note that for consistency, the file go-ethereum/params/version.go at line 27 should be aligned to the tag to be able to see in the startup of the node on what version we are. See https://github.com/ethereum-pocr/go-ethereum/pull/37 (now merged)

Should we need to revert, the correct fallback version is v1.10.23

Installing and launching on each existing sealers

As of today, sealers are : SEB

• 0x20c8f6d7e11c42c83c9af2f6144c963315106fc9 / geth 1.10.21 go1.18.4 linux
• 0xcca833ec5bb4fceb5145fa2fd65c94c446028ff6 / geth 1.10.21 go1.18.4 linux

CACIB

• 0xc16c63da5f6e464148ffc0bcef9e761a16af6004 / CACIB sealer pastor
• 0xec3f218d9876bfc01e9a4601575fe60f1b2c8f76 / CACIB sealer canastas

Guenole

• 0x1311aef86d1db33db945fc488eeff1c6105b9593 / Guenole's node at 20.216.129.27

For each node we should

1. stop the geth process for both sealers and client nodes
2. backup the data and binary as a rollback scheme if necessary
3. clear the data - Attention not the nodekey nor the sealer private key
4. download the kerleano.json genesis file from https://github.com/ethereum-pocr/ethereum-pocr.github.io/releases/download/${tag}/kerleano.json
5. download the geth new binary from https://github.com/ethereum-pocr/go-ethereum/releases/download/${tag}/geth
6. init the new db with the new binary and the new genesis file
7. start the process
8. Deploy the new version of https://ethereum-pocr.github.io

Onboarding

Only guenole's node will be a sealer initially, so he will

1. propose to sealer 1 SEB node
2. then 1 CACIB node, that SEB will also have to accept
3. the 2nd SEB node, that both CACIB and SEB must accept
4. the 2nd CACIB node, that both CACIB and SEB must accept

All sealers will start producing blocks.

Updating the tools

The https://ethereum-pocr.github.io/ site needs to be redeployed with the merge of branch try-clear-footprint to main will trigger the delivery of the github pages

Simulating the auditing of the nodes

Liaise with SGS (Jeronimo ?) and guide him thru the auditing of nodes using Metamask in the https://ethereum-pocr.github.io/ app

[guenoledc]

Resetting the client nodes

For each of our client nodes, we need to drop the data, download the new binary and genesis file. Then reinitialize the geth db and start the process pointing to the other sealers

Resetting the kubernetes applications (essentially the databases)

A simple way to do this is to configure in kubernetes a different name for all the databases so it restart from scratch.

But attention, do not drop the CUSTODY DB tables custody.tokens and custody.wallets that contains only the management of private keys that have nothing to do with the DLT directly, and we do not want to redo the configuration of the wallet station that refers to a private key in the wallet custody db.

Attention in the config, we have two env variables that tells from which block to start synchronizing. We wil have to set these variables to 0 or 1.

• START_SYNCHRO_FROM_BLOCK in dlt services,
• LIST_BONDS_FROM_BLOCK in solution back end,

So changing the config of the DB and from block and restarting all kubernetes processes should make the process restart synchronization from the beginning of the new chain.

For the Solution DB we can instead delete the collections

• bondbackupbalances
• bondbackupdatas
• bondbackupevents
• synchro-states
• trades

For the Custody Service : Keep all data

For the Wallet station service : Keep all data

For the DLT Service : replace the database

[guenoledc]

Evaluating the amount of ₡ needed for the first auditor

• 5,000₡ min pledge per audit
• Assume 28,000 gas per pledge @ 1GWei per gas so 0,000028 ₡ ou 28 µ₡
• Assume 72,000 gas per audit @ 1GWei per gas so 0,000072 ₡ ou 72 µ₡
• Assume 4 simultaneous audits (2 for each banks):
  • 20,000 ₡ pledge needed, that will amortize linearly over 3 months
  • 1 pledge transaction + 4 audits : 28 + 4x72 = 316 µ₡

So the minimum, if everything works perfectly in the process is to have 20 000.000316 ₡.

For the test, to avoid redoing it, we'll grant SGS 25 001 ₡ in hex 0x61a9

[guenoledc]

Given that SGS will not be able to provide on time a wallet, we are going to create a HD Wallet and provide it to them.

This wallet is to be used from Metamask for the auditor activities.

Metamask only support derivation path m/44'/60'/0'/0/${index}. So we need to provide a 12 english BIP39 words + an index, and they must then use the recover function that clears their current metamask wallets and generate new ones

The Brave browser integrated wallet can perform the same derivation also (just in case)

So, let's consider the index = 0 so the derivation path m/44'/60'/0'/0/0 and the 12 words (not copied here) that gives the address 0xacf6441aa2b10726a273f3963a593104f11e4693