Ethereum sequencer contract

Questions
1

Hi team,

I am reviewing the process of deploying a generic Besu domain. So from what the script ruh.sh advanced it shows

  1. bring up a Besu network
  2. bring up a canton container without running the canton process
  3. use canton script sequencer_deployment.canton to use wallet of seq1 to deploy the bytecode on the besu. the contract address will be used for bringing up the canton process.
  4. run the canton process with the seq1 configuration with contract address. the bootstrap is done with domain manager, seq1 and mediator1. note that seq2 is not bootstrapped yet.
  5. use seq1 to authorize wallet of seq2
  6. onboard seq2 to the domain using mydomain.setup.onboard_new_sequencer
  7. connect participant nodes to sequencers

My understanding of seq1 and seq2 are implemented separately due to the authorization is enabled on the sequencer contract. In step 3, the wallet of seq1 is already authorized, and step 5 is required before seq2 can join the domain.

There are several questions
(a) in my network I already have several sequencers and their wallets are known. is it possible to authorize them before we run the canton process with all sequencer configuration, such that we don’t need to do this one-by-one.
(b) i don’t think the current canton command/script supports this. Instead I send ethereum transactions directly to the besu network to deploy the sequencer contract and invoke authorizeAccount to authorize those wallets. is this ok?
(c) In particular, inside the code the function authorizeAccount there is an argument traceParent. What shall it be if I invoke transaction directly instead of using canton command/script?

Thanks for your advice.

kc

1 Like
2

HI @kctam

First off - your understanding of run.sh advanced as described is correct!

Regarding your questions
(a) I don’t think I understand your question - what console command are you ideally looking for here? You can authorize all sequencers from a single console, e.g., via

val accounts: Seq[EthereumAccount] = ???
accounts.map(account => ethereumSequencer1.sequencer.authorize_ledger_identity(account))

However, if they are already part of the Canton domain, that means they are either already authorized or the Ethereum sequencer contract they are running against doesn’t require authorization. Note that it is not possible to change the setting of whether authorization is required or not, after the Ethereum sequencer contract has been deployed.
(b) See above. Internally, <sequencer>.sequencer.authorize_ledger_identity(account) also just calls authorizeAccount but you can also call this manually.
(c) If you invoke the function manually, you can just set traceParent to the empty string "".

Best, Arne

3

Hi @Arne_Gebert , thanks a lot for your reply.

My idea is to deploy the contract with seq1 wallet and invoke authorizeAccount function for seq2 wallet (or others) outside the canton console (or not using canton command). This can be done through Ethereum RPC-JSON or any SDK interacting with the Besu network.

Once both the wallets are authorized, I can bring up the canton process with sequencers properly configured with the wallet and contract ID. Then in the domain bootstrap all the sequencers will be included with one single bootstrap command.

Thanks again!

kc