Researching on network architecture for validator node.

[Vishwas1]

• Understandin concept of validator - tendermint doc
• Important resources for validators
• sentry-validator setup architecture
• Concepts of tendermint for settup nodes in prod
• Running v7-Theta Public Testnet
• Comos-hub test net
• Running a validator in Gaia
• Testnet setup asmodat
• The 2019 Chorus Validator Architecture

[Vishwas1]

willwhite123 — Yesterday at 18:19 It is possible to do using automation like ansible

[Vishwas1]

Btw, it’s unrelated to this weird behavior but: On the graph, may I know why you chose to have the sentry nodes “know” the validator node and not the otherway around? Wouldn’t be safer to have the validator node have the sentry nodes’s id in its persistent peer list?

Ideally yes, this is how it should be but there are two ascpects which I want to highlight here. 1) Even though sentry nodes knows the id of Validator node but it also added its id in private_peer_list - meaning sentry node will not expose any information about validator node in public. 2) say we set the sentry. node with AutoScaling, in the event of DDos attack, more sentry new nodes will be spun, and if sentry nodes id are set in peer list of vlaidtors then in that case, validators nodes config need to be updated with ids of new sentry nodes and the node need to be restarted, and that has to be done automaically (I am not sure how can this be possible)

Questions:

• How scaling will work in sentry node autoscale setup?

[Vishwas1]

https://www.slideshare.net/MichaelNg59/introducing-new-proofofstake-based-networks-why-your-network-participation-matters

[Vishwas1]

validation infrastructure posts

• A look inside iqlusion’s Cosmos Hub Validator architecture
• https://medium.com/chorus-one
• Chorus validator architecture
• Full Disclosure: Figment’s Cosmos Validator Infrastructure
• Stake with stakewith.us
  • We have 2 Dell PowerEdge Servers that hosts our validators, located in two Tier 3 Datacenters situated in Singapore.
  • We utilize the Yubi2HSM and have strict internal HSM policies to securely generate roles and set capabilities for validating.
  • All secrets and backups are “multisig-ed” and stored in bank vaults.
  • Currently, we deploy our sentries across 3 availability zones (US-East, EU and SEA) via 2 service providers (AWS and Hetzner).
  • We have the ability to spin up additional sentries as and when needed within a short period of time, and also utilize private nodes in a seperate VPC to connect with other validators.
  • We settled for a simple setup of having sentries in 2 AZs (US-East and SEA), and 2 validation servers in a Tier 2 Datacenter.
  • Information is piped from our validator to Prometheus for storage, and then visualized via Grafana for monitoring.

[Vishwas1]

[Pratap2018]

https://github.com/hypersign-protocol/hid-node/issues/245