TMKMS Setup
This guide assume you have already installed TMKMS and are adding a new chain.
mkdir ~/kms
cd ~/kms
# make chain directory
mkdir bera
cd bera
tmkms init .
#copy/paste your priv_validator_key.json from your validator in this file
nano ~/kms/bera/secrets/priv_validator_key.json
#Softsign key
tmkms softsign import secrets/priv_validator_key.json secrets/validator_key.key
#remove validator key after signing
rm ~/kms/bera/secrets/priv_validator_key.jsonModify tmkms.toml:
nano tmkms.toml
# Tendermint KMS configuration file
## Chain Configuration
[[chain]]
id = "artio-80085"
key_format = { type = "bech32", account_key_prefix = "tnam", consensus_key_prefix = "cosmosvalconspub" }
state_file = "/home/<user>/kms/namada/state/berachain-consensus.json"
## Signing Provider Configuration
### Software-based Signer Configuration
[[providers.softsign]]
chain_ids = ["artio-80085"]
key_type = "consensus"
path = "/home/<user>/kms/namada/secrets/validator_key.key"
## Validator Configuration
[[validator]]
chain_id = "artio-80085"
addr = "tcp://<ValidatorIP>:26659"
secret_key = "/home/user/kms/bera/secrets/kms-identity.key"
# this may need to be updated via {daemon} tendermint version
protocol_version = "v0.34"
reconnect = trueCreate a service file:
sudo nano /etc/systemd/system/tmkms-namada.service
# unit file
[Unit]
Description=Berachain TMKMS
After=network.target
[Service]
Type=simple
User=<user>
WorkingDirectory=/home/<user>/
ExecStart=/home/<user>/.cargo/bin/tmkms start -c /home/<user>/kms/bera/tmkms.toml
Restart=always
RestartSec=3
LimitNOFILE=65535
[Install]
WantedBy=multi-user.targetThen, we'll enable the service file and start it:
sudo systemctl daemon-reload
sudo systemctl enable tmkms-berachain
sudo systemctl restart tmkms-berachain
journalctl -u tmkms-berachain -fUpdate Target Validator Node:
nano ~/home/<user>/.berad/config.toml
# modify validator config.toml
-> priv_validator_laddr = "tcp://0.0.0.0:26659"
-> # priv_validator_key_file = "config/priv_validator_key.json"
-> # priv_validator_state_file = "data/priv_validator_state.json"
# remove validator key from node
rm ~/home/<user>/.berad/config/priv_validator_key.json
# open ports
sudo ufw allow from <IP ADDRESS OF SIGNER> to any port 26659
# restart daemon
sudo systemctl restart berad
journalctl -u berad -fNote: you may need to restart tmkms-berachain on the TMKMS server after opening ports:
sudo systemctl restart tmkms-berachain
journalctl -u tmkms-berachain -fLast updated
