Canton Ethereum Domain on Besu

Hi team,

I have tested the demonstration of the subject according to the documentation. Two questions in my mind.

(1) I notice that there is no EOA (enduser owned account) for the sequencer. By inspecting the network I only see the four ethereum addresses for the four nodes. When update is made on the ledger, what account does the sequencer use? I assume we need the private key to sign the transaction when updating the ledger in Besu.

(2) In real life we may be given a running Besu network and an EOA for the sequencer. It is not difficult to deploy the bytecode of sequencer on a runnning network. Where can I specify the EOA (i.e. private key and account) used by sequencer? Just a quick comparison, in Fabric we need to specify the credential of Admin for the sequencer. Just look for something similar in the Ethereum/Besu setup.

Many thanks in advance.

kc

1 Like

Hi kc,

(1) I notice that there is no EOA (enduser owned account) for the sequencer. By inspecting the network I only see the four ethereum addresses for the four nodes. When update is made on the ledger, what account does the sequencer use? I assume we need the private key to sign the transaction when updating the ledger in Besu.

Canton’s Ethereum integration uses a multi-reader multi-writer configuration, so there can be multiple sequencer nodes, where each sequencer node is basically a JVM process. Each sequencer node currently uses a new, randomly generated set of credentials because we currently run on a free-gas network. Picking your own ethereum account to use for a sequencer node isn’t supported at the moment, though I wouldn’t expect it to be difficult to add to the integration.

(2) In real life we may be given a running Besu network and an EOA for the sequencer. It is not difficult to deploy the bytecode of sequencer on a runnning network. Where can I specify the EOA (i.e. private key and account) used by sequencer? Just a quick comparison, in Fabric we need to specify the credential of Admin for the sequencer. Just look for something similar in the Ethereum/Besu setup.

You can’t specify the EOA account for the sequencer node at the moment, you need to configure a free-gas network so a new account with no ether will work.

Thank you for asking this question, I’ll update our documentation to be more clear :slight_smile:

3 Likes

Thanks @Phoebe_Nichols for this information.

A follow-up on (2). If a customer has a running gas-free besu network, i should be able to
(1) deploy contract (bytecode is available in the example)
(2) obtain contract ID and configure it for the sequencer
I am drafting the process to deploy sequencer in a running Besu. See if this works.

Besides, I suppose the contract should handle well that only sequencer can update the states, as the access control is not at EOA address level. If not, anyone can write anything on the contract once the contract ID is known.

Thanks again.

cheers,
kc

1 Like

Preformatted textA follow-up on (2). If a customer has a running gas-free besu network, i should be able to
(1) deploy contract (bytecode is available in the example)
(2) obtain contract ID and configure it for the sequencer
I am drafting the process to deploy sequencer in a running Besu. See if this works.

Yes, you should be able to deploy the Sequencer.sol solidity contract using the provided binary, and you can put the Sequencer.sol contract address in the configuration file for the Sequencer node.

Besides, I suppose the contract should handle well that only sequencer can update the states, as the access control is not at EOA address level. If not, anyone can write anything on the contract once the contract ID is known.

The Sequencer.sol contract does not perform access control: anyone connected to the ethereum network can request that some data be sequenced. In this sense, access to the ethereum network itself should be controlled, as is usually the case for free-gas networks. The Sequencer.sol contract does perform the “logic” of sequencing itself, so this logic is always enforced.

2 Likes

Thanks @Phoebe_Nichols for your reply.

cheers,
kc

1 Like