Search Apps Documentation Source Content File Folder Download Copy Actions Download

valopers package

Overview

Package valopers is designed around the permissionless lifecycle of valoper profiles.

Functions

AddToAuthList

func AddToAuthList(cur realm, addr address, member address)

Params

Command

# WARNING: This command is running in an INSECURE mode.
# It is strongly recommended to use a hardware device for signing
# and avoid trusting any computer connected to the internet,
# as your private keys could be exposed.

gnokey maketx call -pkgpath "gno.land/r/gnops/valopers" -func "AddToAuthList" -args $'' -args $'' -gas-fee 1000000ugnot -gas-wanted 1_000_000_000 -send "" -chainid "dev" -remote "https://api.gno.berty.io:443" ADDRESSgnokey query -remote "https://api.gno.berty.io:443" auth/accounts/ADDRESS
gnokey maketx call -pkgpath "gno.land/r/gnops/valopers" -func "AddToAuthList" -args $'' -args $'' -gas-fee 1000000ugnot -gas-wanted 1_000_000_000 -send "" -broadcast=false ADDRESS > call.tx
gnokey sign -tx-path call.tx -chainid "dev" -account-number ACCOUNTNUMBER -account-sequence SEQUENCENUMBER ADDRESS
gnokey broadcast -remote "https://api.gno.berty.io:443" call.tx

Auth

func Auth() *authz.Authorizer

Command

gnokey query vm/qeval -remote "https://api.gno.berty.io:443" -data "gno.land/r/gnops/valopers.Auth()"

Result

DeleteFromAuthList

func DeleteFromAuthList(cur realm, addr address, member address)

Params

Command

# WARNING: This command is running in an INSECURE mode.
# It is strongly recommended to use a hardware device for signing
# and avoid trusting any computer connected to the internet,
# as your private keys could be exposed.

gnokey maketx call -pkgpath "gno.land/r/gnops/valopers" -func "DeleteFromAuthList" -args $'' -args $'' -gas-fee 1000000ugnot -gas-wanted 1_000_000_000 -send "" -chainid "dev" -remote "https://api.gno.berty.io:443" ADDRESSgnokey query -remote "https://api.gno.berty.io:443" auth/accounts/ADDRESS
gnokey maketx call -pkgpath "gno.land/r/gnops/valopers" -func "DeleteFromAuthList" -args $'' -args $'' -gas-fee 1000000ugnot -gas-wanted 1_000_000_000 -send "" -broadcast=false ADDRESS > call.tx
gnokey sign -tx-path call.tx -chainid "dev" -account-number ACCOUNTNUMBER -account-sequence SEQUENCENUMBER ADDRESS
gnokey broadcast -remote "https://api.gno.berty.io:443" call.tx

NewInstructionsProposalCallback

func NewInstructionsProposalCallback(newInstructions string) func(realm) error

Param

Command

gnokey query vm/qeval -remote "https://api.gno.berty.io:443" -data "gno.land/r/gnops/valopers.NewInstructionsProposalCallback()"

Result

Register

func Register(cur realm, moniker string, description string, serverType string, addr address, pubKey string)

Register registers a new valoper. The `addr` parameter is the operator address (stable identity, profile key); `pubKey` is the consensus signing pubkey, from which the signing address is derived.

Auth shape:

  • Post-genesis: OriginCaller must equal addr (operator-slot squat guard). Genesis-mode replay (ChainHeight()==0) bypasses, so migration .jsonl txs and historical Register replays succeed.
  • Signing-address uniqueness: derived(pubKey) must not already be in signingRegistry, active or retired.
  • Front-running guard: post-genesis, derived(pubKey) must not already be an active validator (a fresh registration cannot squat on the consensus address of an existing validator).

Why OriginCaller==addr is sufficient (no IsUserCall): squatting requires the attacker to be able to satisfy OriginCaller==victim, which requires the victim's signing key. r/sys/namereg/v1.Register also gates on IsUserCall, but that's because IT reads banker.OriginSend() for the anti-squatting payment and IsUserCall is needed to ensure the OriginSend envelope reflects what landed at this realm rather than a phantom payment from a previous frame. valopers.Register has no per-call payment-receipt check (fees are validated against banker.OriginSend in a way that's symmetric to IsUserCall via direct comparison), so the IsUserCall tightening would only block legitimate `maketx run` flows (operator-authored scripts that legitimately set OriginCaller==operator) without adding identity-squat protection.

Auth-list seeding: the profile's Authorizable owner is set to addr (NOT OriginCaller). At H>0 the squat guard makes them equal anyway; at H==0 the deployer pattern (one signer registers many operators) requires owner == addr so each operator can manage their own profile post-genesis without needing the deployer's auth.

Params

Command

# WARNING: This command is running in an INSECURE mode.
# It is strongly recommended to use a hardware device for signing
# and avoid trusting any computer connected to the internet,
# as your private keys could be exposed.

gnokey maketx call -pkgpath "gno.land/r/gnops/valopers" -func "Register" -args $'' -args $'' -args $'' -args $'' -args $'' -gas-fee 1000000ugnot -gas-wanted 1_000_000_000 -send "" -chainid "dev" -remote "https://api.gno.berty.io:443" ADDRESSgnokey query -remote "https://api.gno.berty.io:443" auth/accounts/ADDRESS
gnokey maketx call -pkgpath "gno.land/r/gnops/valopers" -func "Register" -args $'' -args $'' -args $'' -args $'' -args $'' -gas-fee 1000000ugnot -gas-wanted 1_000_000_000 -send "" -broadcast=false ADDRESS > call.tx
gnokey sign -tx-path call.tx -chainid "dev" -account-number ACCOUNTNUMBER -account-sequence SEQUENCENUMBER ADDRESS
gnokey broadcast -remote "https://api.gno.berty.io:443" call.tx

Render

func Render(fullPath string) string

Render renders the current valoper set. "/r/gnops/valopers" lists all valopers, paginated. "/r/gnops/valopers:addr" shows the detail for the valoper with the addr.

Param

Command

gnokey query vm/qeval -remote "https://api.gno.berty.io:443" -data "gno.land/r/gnops/valopers.Render()"

Result

UpdateDescription

func UpdateDescription(cur realm, addr address, description string)

UpdateDescription updates an existing valoper's description.

Params

Command

# WARNING: This command is running in an INSECURE mode.
# It is strongly recommended to use a hardware device for signing
# and avoid trusting any computer connected to the internet,
# as your private keys could be exposed.

gnokey maketx call -pkgpath "gno.land/r/gnops/valopers" -func "UpdateDescription" -args $'' -args $'' -gas-fee 1000000ugnot -gas-wanted 1_000_000_000 -send "" -chainid "dev" -remote "https://api.gno.berty.io:443" ADDRESSgnokey query -remote "https://api.gno.berty.io:443" auth/accounts/ADDRESS
gnokey maketx call -pkgpath "gno.land/r/gnops/valopers" -func "UpdateDescription" -args $'' -args $'' -gas-fee 1000000ugnot -gas-wanted 1_000_000_000 -send "" -broadcast=false ADDRESS > call.tx
gnokey sign -tx-path call.tx -chainid "dev" -account-number ACCOUNTNUMBER -account-sequence SEQUENCENUMBER ADDRESS
gnokey broadcast -remote "https://api.gno.berty.io:443" call.tx

UpdateKeepRunning

func UpdateKeepRunning(cur realm, addr address, keepRunning bool)

UpdateKeepRunning updates an existing valoper's active status. Calls v3.NotifyValoperChanged because the cache stores KeepRunning.

Params

Command

# WARNING: This command is running in an INSECURE mode.
# It is strongly recommended to use a hardware device for signing
# and avoid trusting any computer connected to the internet,
# as your private keys could be exposed.

gnokey maketx call -pkgpath "gno.land/r/gnops/valopers" -func "UpdateKeepRunning" -args $'' -args $'' -gas-fee 1000000ugnot -gas-wanted 1_000_000_000 -send "" -chainid "dev" -remote "https://api.gno.berty.io:443" ADDRESSgnokey query -remote "https://api.gno.berty.io:443" auth/accounts/ADDRESS
gnokey maketx call -pkgpath "gno.land/r/gnops/valopers" -func "UpdateKeepRunning" -args $'' -args $'' -gas-fee 1000000ugnot -gas-wanted 1_000_000_000 -send "" -broadcast=false ADDRESS > call.tx
gnokey sign -tx-path call.tx -chainid "dev" -account-number ACCOUNTNUMBER -account-sequence SEQUENCENUMBER ADDRESS
gnokey broadcast -remote "https://api.gno.berty.io:443" call.tx

UpdateMoniker

func UpdateMoniker(cur realm, addr address, moniker string)

UpdateMoniker updates an existing valoper's moniker.

Params

Command

# WARNING: This command is running in an INSECURE mode.
# It is strongly recommended to use a hardware device for signing
# and avoid trusting any computer connected to the internet,
# as your private keys could be exposed.

gnokey maketx call -pkgpath "gno.land/r/gnops/valopers" -func "UpdateMoniker" -args $'' -args $'' -gas-fee 1000000ugnot -gas-wanted 1_000_000_000 -send "" -chainid "dev" -remote "https://api.gno.berty.io:443" ADDRESSgnokey query -remote "https://api.gno.berty.io:443" auth/accounts/ADDRESS
gnokey maketx call -pkgpath "gno.land/r/gnops/valopers" -func "UpdateMoniker" -args $'' -args $'' -gas-fee 1000000ugnot -gas-wanted 1_000_000_000 -send "" -broadcast=false ADDRESS > call.tx
gnokey sign -tx-path call.tx -chainid "dev" -account-number ACCOUNTNUMBER -account-sequence SEQUENCENUMBER ADDRESS
gnokey broadcast -remote "https://api.gno.berty.io:443" call.tx

UpdateServerType

func UpdateServerType(cur realm, addr address, serverType string)

UpdateServerType updates an existing valoper's server type.

Params

Command

# WARNING: This command is running in an INSECURE mode.
# It is strongly recommended to use a hardware device for signing
# and avoid trusting any computer connected to the internet,
# as your private keys could be exposed.

gnokey maketx call -pkgpath "gno.land/r/gnops/valopers" -func "UpdateServerType" -args $'' -args $'' -gas-fee 1000000ugnot -gas-wanted 1_000_000_000 -send "" -chainid "dev" -remote "https://api.gno.berty.io:443" ADDRESSgnokey query -remote "https://api.gno.berty.io:443" auth/accounts/ADDRESS
gnokey maketx call -pkgpath "gno.land/r/gnops/valopers" -func "UpdateServerType" -args $'' -args $'' -gas-fee 1000000ugnot -gas-wanted 1_000_000_000 -send "" -broadcast=false ADDRESS > call.tx
gnokey sign -tx-path call.tx -chainid "dev" -account-number ACCOUNTNUMBER -account-sequence SEQUENCENUMBER ADDRESS
gnokey broadcast -remote "https://api.gno.berty.io:443" call.tx

UpdateSigningKey

func UpdateSigningKey(cur realm, addr address, newPubKey string)

UpdateSigningKey rotates an operator's consensus signing key.

Auth: caller must be on the operator's auth list (defaults to operator at Register time; extendable via AddToAuthList).

Invariants checked at entry:

  • throttle: ChainHeight() - v.LastRotationHeight >= rotationPeriodBlocks
  • signingRegistry uniqueness: derived(newPubKey) not in registry (active OR retired); permanently blocks key reuse
  • fee: banker.OriginSend() >= rotationFee (mirrors Register's fee-check pattern)

Effect: profile's SigningPubKey/SigningAddress/LastRotationHeight updated; old registry entry marked retired (retiredAtHeight = ChainHeight()); new entry inserted into signingRegistry; v3 emits remove+add to sysparams via RotateValoperSigningKey; v3 cache refreshed via NotifyValoperChanged. Rotation lands in consensus at H+2.

Atomicity: Gno tx atomicity rolls back all state if any step panics. If v3.RotateValoperSigningKey panics, the registry insert and profile mutation revert with it.

Params

Command

# WARNING: This command is running in an INSECURE mode.
# It is strongly recommended to use a hardware device for signing
# and avoid trusting any computer connected to the internet,
# as your private keys could be exposed.

gnokey maketx call -pkgpath "gno.land/r/gnops/valopers" -func "UpdateSigningKey" -args $'' -args $'' -gas-fee 1000000ugnot -gas-wanted 1_000_000_000 -send "" -chainid "dev" -remote "https://api.gno.berty.io:443" ADDRESSgnokey query -remote "https://api.gno.berty.io:443" auth/accounts/ADDRESS
gnokey maketx call -pkgpath "gno.land/r/gnops/valopers" -func "UpdateSigningKey" -args $'' -args $'' -gas-fee 1000000ugnot -gas-wanted 1_000_000_000 -send "" -broadcast=false ADDRESS > call.tx
gnokey sign -tx-path call.tx -chainid "dev" -account-number ACCOUNTNUMBER -account-sequence SEQUENCENUMBER ADDRESS
gnokey broadcast -remote "https://api.gno.berty.io:443" call.tx

GetByAddr

func GetByAddr(addr address) Valoper

GetByAddr fetches the valoper using the operator address, if present.

Param

Command

gnokey query vm/qeval -remote "https://api.gno.berty.io:443" -data "gno.land/r/gnops/valopers.GetByAddr()"

Result