Add --val-private-key-file flag for key assignment tx

[jmc000]

Summary

This issue aims to propose adding a flag to key-assignment command in order to make it simpler for validator that are using a remote signer.

Problem Definition

When a validator use a remote signer then the $HOME/.gaia/config/priv_validator_key.json file is not / should not be the right private key used to sign blocks.

So when doing key-assignment the validator would have to re-initiate a temporary .gaia folder, reconfigure the CLI endpoint & chain-id, import a wallet to sign the tx and import the correct priv_validator_key.json in order to be able to make his key-assignment tx.

This is a bit annoying and I think it could be improve simply by adding a flag to the gaiad tx provider assign-consensus-key command.
It can also be quite confusing, as shown by the many messages on Discord for the Stride ICS migration.

Proposal

Add a flag to gaiad tx provider assign-consensus-key command that allow to point to a specific priv_validator_key.json file.

gaiad tx provider assign-consensus-key <consumer-chain-id> <consumer-pubkey> --priv-validator-key-file /tmp/priv_validator_key.json --from validator --home $HOME/.gaia ...

If the --priv-validator-key-file flag is not specified then use the private key inside the home folder

[MSalopek]

Hi, thanks for opening the issue!
It would be great to improve UX around this procedure.

I am looking into your concerns but I have some questions, if you don't mind?

What would be the role of the --priv-validator-key and how do you imagine it could be used?
Besides that, could you point me to the remote signer you are using so I can check it out?

---

Some context:

The priv_validator_key.json contains a tendermint consensus key that the node will use to sign blocks.

<consumer-pubkey> is a public key of a consensus key that will be used on consumer chain, also to sign blocks.

The --from key is not a consensus key it is an account key.

• the --from is not used to sign blocks on the network
• the purpose of that key is to derive your valoper and delegation addresses and enable you to sign Txs on chain.

The software uses the --from to verify validator identity - the Tx signer must be the actual account key of the validator operator.

Thanks again!

[MSalopek]

Issue marked as blocked until more context is available from original poster or other interested parties.

Please do not close this issue yet, more feedback is needed.

[MSalopek]

Since there was no activity after requesting more data and feedback I will go ahead and close this issue.

Feel free to tag me or reopen if the situation changes.