Skip to content

Commit dee28f5

Browse files
iulianpascalauiulianpascalau
committed
- fixes after review
1 parent 01fce0e commit dee28f5

File tree

1 file changed

+2
-2
lines changed

1 file changed

+2
-2
lines changed

docs/validators/key-management/multikey-nodes.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -159,10 +159,10 @@ As stated above, the multikey feature is able to use any number of keys with jus
159159
At the first sight, this can be seen as a security degradation in terms of means of attacking a large staking provider but there are ways to mitigate these concerns as explained in the following list:
160160
1. use the recommendation found in this page regarding the maximum number of keys per multikey group;
161161
2. for each main multikey group use at least one backup multikey group in case something bad happens with the main group;
162-
3. use the NamedIdentity configuration explained above to hide the BLS keys and their declared identity from the actual nodes that manages the keys.
162+
3. use the `NamedIdentity` configuration explained above to obfuscate the BLS keys and their declared identity from the actual nodes that manage the keys.
163163

164164
Regarding point 3, each managed BLS key will create a virtual p2p identity that no node from the network can connect to since it does not advertise the connection info but is only used to sign p2p messages.
165-
Associated with a separate named identity, the system will make that BLS key virtually unreachable, and it's origin hidden from the multikey nodes. For this to work properly, the node operators will need to apply the following changes on the `prefs.toml` file:
165+
Associated with a separate named identity, the system will make that BLS key virtually unreachable, and its origin hidden from the multikey nodes. Therefore, the node operators will need to apply the following changes on the `prefs.toml` file:
166166
* in the `[Preference]` section, the 2 options called `NodeDisplayName` and `Identity` will be changed to something relevant for the nodes that are running the multikey group;
167167
* in the `[[NamedIdentity]]` section, the 2 options called `NodeName` and `Identity` will be changed to the real identities of the BLS keys: such as the staking provider brand names. **They should be different from the ones defined in the `[Preference]` section.**
168168

0 commit comments

Comments
 (0)