Hi,
I have a few questions about mytonctrl and validators.
Is there any way not to store the private key of the wallet for staked TON on the server?
Are there any best practices for wallet key storage?
I've started a server and run mytonctrl successfully. However, it looks like I have to keep private keys on the server. Maybe as part of the validation, my node needs to sign blocks, but in this case, does everyone keep their keys on the servers?
Sep 22, 2022, 6:11 AM
The current best practice is to use the nominator pool contract on top (which supports a pool of people staking together on one validator).
The nominator contract acts as a “secure” wallet that holds all the stake and moves it back and forth to the elector. It doesn’t allow sending the stake to anyone but the original depositor and the elector.
Then mytonctrl only holds the key for a non-dangerous wallet which can’t touch the stake itself, only gas for elections. So even if the mytonctrl server is compromised and its key stolen, this key can’t touch the money.
Even if you just have one depositor that owns all the stake, you still create a nominator pool with just a single depositor.
Sep 22, 2022, 6:55 AM