tmkms vs yubihsm2 sdk version dependency

iqlusioninc / tmkms

Tendermint KMS: Key Management System for Tendermint Validators

https://tendermint.com/

Apache License 2.0

336 stars 121 forks source link

tmkms vs yubihsm2 sdk version dependency #743

Closed vchong closed 1 year ago

vchong commented 1 year ago

Is there a way to find out which versions of tmkms support which versions of yubihsm2 sdk (https://developers.yubico.com/YubiHSM2/Releases/)? E.g. if running tmkms v0.12.2, which version of the yubihsm2 sdk should/can be downloaded/run?

tony-iqlusion commented 1 year ago

TMKMS doesn't require the YubiHSM SDK

vchong commented 1 year ago

But in order to run tmkms with the yubihsm2 device, we have to download the sdk to install yubihsm-connector.

[UPD] static link from comment below: https://github.com/iqlusioninc/tmkms/blob/9659b70f52119f850160efe2281a139587903ec1/tmkms.toml.example#L53

tony-iqlusion commented 1 year ago

TMKMS supports directly communicating to the YubiHSM2 via USB, without the need for yubihsm-connector.

You're free to use whatever version you'd like if you prefer to use yubihsm-connector. Also note that TMKMS has built-in support for presenting a yubihsm-connector-compatible service if it talks directly via USB:

https://github.com/iqlusioninc/tmkms/blob/main/tmkms.toml.example#L53