diff --git a/docs/source/guides/network_node/staking_guide.rst b/docs/source/guides/network_node/staking_guide.rst index b86653033..fe406ccda 100644 --- a/docs/source/guides/network_node/staking_guide.rst +++ b/docs/source/guides/network_node/staking_guide.rst @@ -22,7 +22,7 @@ of security than software wallets. Staking Procedure: 1) Install ``nucypher`` on Staker's machine (see :doc:`/guides/installation_guide`) -2) Establish ethereum account, provider, and signer (see `Staking`_) +2) Establish ethereum account, provider, and, optionally, signer (see `Staking`_) 3) Request testnet tokens by joining the `Discord server `_ and type ``.getfunded `` in the #testnet-faucet channel 4) Initialize a new StakeHolder and Stake (see `Initialize a new stakeholder`_) 5) Initialize a new stake (see `Initialize a new stake`_) @@ -177,7 +177,7 @@ Clef Setup We'll quickly walk through setup steps below, but additional in-depth documentation on clef can be found in the source repository here https://github.com/ethereum/go-ethereum/tree/master/cmd/clef -Clef is typically installed alongside geth. If you already have geth installed on you system you +Clef is typically installed alongside geth. If you already have geth installed on your system you may already have clef installed. To check for an existing installation run: .. code:: bash @@ -250,10 +250,62 @@ Some examples: Interacting with clef ********************* -Requests for account management, and signing will be directed at clef, with a 10 second timeout. +Requests for account management, and signing will be directed at clef, with a 60 second timeout. Be alert for user-interactive requests and confirmations from the clef CLI. +By default, all requests to the clef signer require manual confirmation. +This include not only transactions, but also more innocuous requests such as listing the accounts +that the signer is handling. This means, for example, that a command like ``nucypher stake accounts`` will first +ask for user confirmation in the clef CLI before showing the staker accounts. + +To overcome this, Clef allows to define rules to automate the confirmation of certain transactions, +or more generally, of some requests to the signer. +In particular, we recommend users using a Clef signer with nucypher that define the following rules file, +which simply approves the listing of accounts: + +.. code:: javascript + + function ApproveListing() { + return "Approve" + } + +The sha256 digest of this particular 3-line file is ``8d089001fbb55eb8d9661b04be36ce3285ffa940e5cdf248d0071620cf02ebcd``. +We will use this digest to attest that we trust these rules: + +.. code:: bash + + $ clef attest 8d089001fbb55eb8d9661b04be36ce3285ffa940e5cdf248d0071620cf02ebcd + + WARNING! + + Clef is an account management tool. It may, like any software, contain bugs. + + Please take care to + - backup your keystore files, + - verify that the keystore(s) can be opened with your password. + + Clef is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; + without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR + PURPOSE. See the GNU General Public License for more details. + + Enter 'ok' to proceed: + > ok + + Decrypt master seed of clef + Password: + INFO [04-14|02:00:54.740] Ruleset attestation updated sha256=8d089001fbb55eb8d9661b04be36ce3285ffa940e5cdf248d0071620cf02ebcd + + +Once the rules file is attested, we can run Clef with the ``--rules rules.js`` flag, +to indicate which are the automated rules (in our case, allowing listing of accounts): + +.. code:: bash + + $ clef --keystore /path/to/keystore --chainid 5 --advanced --rules rules.js + + + Initialize a new stakeholder ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~