Manage consensus layer signing keys

Reload new keys

If you add new keys to an existing set of validators, or modify the key configuration files, reload the keys to ensure Web3Signer registers the new or modified keys. Use the reload endpoint to reload the keys in Web3Signer.

curl request

curl -X POST http://localhost:9000/reload

Result

200 Call is successful

Manage keys using Key Manager API

You can manage your keys using the Key Manager API endpoints. You can list keys, import keystores, and delete keys.

Enable the key manager API by running Web3Signer using the --key-manager-api-enabled subcommand option.

List keys

List all validating public keys known to and decrypted by the keystore using the list keys endpoint.

curl request

curl -X GET http://localhost:9000/eth/v1/keystores

Result

{
  "data": [
    {
      "validating_pubkey": "0x93247f2209abcacf57b75a51dafae777f9dd38bc7053d1af526f220a7489a6d3a2753e5f3e8b1cfe39b56f43611df74a",
      "derivation_path": "m/12381/3600/0/0/0",
      "readonly": true
    }
  ]
}

Import keystores

Import keystores generated by the consensus layer deposit CLI tooling using the import keystores endpoint.

curl request

curl -X POST http://127.0.0.1:9000/eth/v1/keystores --header "Content-Type: application/json"
--data '{
  "keystores": [
    "{\"version\":4,\"uuid\":\"9f75a3fa-1e5a-49f9-be3d-f5a19779c6fa\",\"path\":\"m/12381/3600/0/0/0\",\"pubkey\":\"0x93247f2209abcacf57b75a51dafae777f9dd38bc7053d1af526f220a7489a6d3a2753e5f3e8b1cfe39b56f43611df74a\",\"crypto\":{\"kdf\":{\"function\":\"pbkdf2\",\"params\":{\"dklen\":32,\"c\":262144,\"prf\":\"hmac-sha256\",\"salt\":\"8ff8f22ef522a40f99c6ce07fdcfc1db489d54dfbc6ec35613edf5d836fa1407\"},\"message\":\"\"},\"checksum\":{\"function\":\"sha256\",\"params\":{},\"message\":\"9678a69833d2576e3461dd5fa80f6ac73935ae30d69d07659a709b3cd3eddbe3\"},\"cipher\":{\"function\":\"aes-128-ctr\",\"params\":{\"iv\":\"31b69f0ac97261e44141b26aa0da693f\"},\"message\":\"e8228bafec4fcbaca3b827e586daad381d53339155b034e5eaae676b715ab05e\"}}}"
  ],
  "passwords": [
    "ABCDEFGH01234567ABCDEFGH01234567"
  ],
    "slashing_protection": "{\"metadata\":{\"interchange_format_version\":\"5\",\"genesis_validators_root\":\"0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2\"},\"data\":[{\"pubkey\":\"0x93247f2209abcacf57b75a51dafae777f9dd38bc7053d1af526f220a7489a6d3a2753e5f3e8b1cfe39b56f43611df74a\",\"signed_blocks\":[],\"signed_attestations\":[]}]}"
  }'

Result

{
  "data": [
    {
      "status": "imported",
      "message": "string"
    }
  ]
}

Delete keys

Delete keys using the delete keys endpoint.

curl request

curl -X DELETE http://localhost:9000/eth/v1/keystores --data '{"pubkeys": ["0x93247f2209abcacf57b75a51dafae777f9dd38bc7053d1af526f220a7489a6d3a2753e5f3e8b1cfe39b56f43611df74a"]}'

Result

{
  "data": [
    {
      "status": "deleted",
      "message": "string"
    }
  ],
  "slashing_protection": "{\"metadata\":{\"interchange_format_version\":\"5\",\"genesis_validators_root\":\"0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2\"},\"data\":[{\"pubkey\":\"0x93247f2209abcacf57b75a51dafae777f9dd38bc7053d1af526f220a7489a6d3a2753e5f3e8b1cfe39b56f43611df74a\",\"signed_blocks\":[],\"signed_attestations\":[]}]}"
}