fix(scripts): preserve node_key.json across state sync (PLT-415)#3527
Conversation
state_sync.sh backed up and restored priv_validator_key.json but not node_key.json, even though both live in ~/.sei/config. Moving config to the backup dir and restoring only the validator key left node_key.json behind, so LoadOrGenNodeKey generated a fresh key on next start and the node's NodeID changed. Any peer with the old NodeID@host:port in persistent_peers then silently failed to connect. Back up and restore node_key.json alongside the validator key so node identity is preserved across a state sync.
PR SummaryLow Risk Overview Without that file, the node would mint a new NodeID on restart and The change is symmetric copy-in / copy-out around the existing key backup flow; state sync behavior itself is unchanged. Reviewed by Cursor Bugbot for commit 44712ef. Bugbot is set up for automated code reviews on this repo. Configure here. |
|
The latest Buf updates on your PR. Results from workflow Buf / buf (pull_request).
|
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #3527 +/- ##
==========================================
- Coverage 59.15% 58.30% -0.85%
==========================================
Files 2213 2140 -73
Lines 182710 174341 -8369
==========================================
- Hits 108077 101650 -6427
+ Misses 64930 63667 -1263
+ Partials 9703 9024 -679
Flags with carried forward coverage won't be shown. Click here to find out more. 🚀 New features to boost your workflow:
|
|
Hey hey! Followed up on masih's note that the script usually run is the one in sei-infra, so I went and checked that one too — good news is it doesn't have this bug, so we don't need a parallel fix over there! The short version is the two scripts have drifted apart. The sei-infra one ( I also checked the automated recycle path ( So the node key loss is really specific to this in-repo Let me know if I've missed anything or you'd like me to dig in further! |
Summary
priv_validator_key.jsonbefore wiping~/.sei/config, but notnode_key.json— which lives in the same directory. The wholeconfig/dir is moved to~/.sei_backupand only the validator key is copied back, sonode_key.jsonnever returns.LoadOrGenNodeKeyfinds no key and generates a fresh Ed25519 keypair, giving the node a brand-new NodeID (hex(sha256(pubkey)[:20])). Any peer that has the oldNodeID@host:portinpersistent_peersthen silently fails to connect, because Tendermint rejects the handshake when the advertised NodeID doesn't match.node_key.jsonalongsidepriv_validator_key.json, preserving node identity across a sync.Test plan
bash -n scripts/state_sync.sh— syntax cleannode_key.jsonis now copied to$HOME/key_backupbefore the config wipe and copied back to$HOME/.sei/config/afterward, mirroring the existingpriv_validator_key.jsonhandlingseid tendermint show-node-id) is unchanged afterwardNotes
sei-infra. This PR fixes the in-repo script; thesei-infracopy should be patched and redeployed separately so existing nodes actually pick up the fix.