Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[question] single signer warning #205

Closed
mkaczanowski opened this issue Sep 29, 2023 · 3 comments
Closed

[question] single signer warning #205

mkaczanowski opened this issue Sep 29, 2023 · 3 comments

Comments

@mkaczanowski
Copy link

Hi,

I stumbled upon warning:

	singleSignerWarning = `@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: SINGLE-SIGNER MODE SHOULD NOT BE USED FOR MAINNET! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Horcrux single-signer mode does not give the level of improved 
key security and fault tolerance that Horcrux MPC/cosigner mode
provides. While it is a simpler deployment configuration, 
single-signer should only be used for experimentation
as it is not officially supported by Strangelove.`
)

It is my impression (maybe incorrect) that many people actually use degen mode (single signer, multiple nodes) setup quite frequently and yet I see this setup is or was unsupported.

Is there any particular reason why you (Strangelove) decided to mark it as for experimentation or there are actual risks for people who use it?
@agouin
Copy link
Member

agouin commented Sep 29, 2023

We have kept the single sign mode in the software for convenience, but it is not the intended use of horcrux, as the name implies.

The main risk is availability, as if the single signer goes down, you will no longer be signing, regardless of how many sentries you have deployed.

We decided to leave it unsupported so that our team does not need to focus our bandwidth on any issues that may arise from using single-sign mode. For example, there is a known issue with the single-sign mode state file encoding which requires manually changing the state file to fix, and having the single-sign mode as unsupported helps to convey why we haven't prioritized a fix for that as opposed to other issues in the repo.

@mkaczanowski
Copy link
Author

Thanks @agouin for uber fast response!

The main risk is availability, as if the single signer goes down, you will no longer be signing, regardless of how many sentries you have deployed.

yes that is obvious and legit argument. However for some networks like SEI the speed of threshold signer is simply too slow, therefore I know some people use single-signer as primary solution, because it lets you survive if one sentry/node goes down and the signer is up. This setup keeps up with the network speed.

We decided to leave it unsupported so that our team does not need to focus our bandwidth on any issues that may arise from using single-sign mode

makes perfect sense

@mkaczanowski
Copy link
Author

closing, since I think I got the answer I wanted. Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mkaczanowski @agouin