Cloud Sign 1.6.0
Summary
Changes
- General improvements to MPC
Added
- Support for postgres as database backend
Cloud Sign Database Backends
Postgres support brings configurability for the database backend. The DB_DRIVER environment variable controls the type of database used in the backend. The default value for this variable is local, but it can be set to postgres.
Local mode
In local mode, the Cloud Sign node stores the main database as well as the respective TSM (Threshold Signing Module) databases on disk. These databases are encrypted on disk using either one of the following environment variables:
- DB_ENCRYPTION_KEY_HEX: AES 256 key specified in the environment as hex
- DB_ENCRYPTION_KEY_REF: AWS ARN of the AWS KMS key for encrypting the generated AES 256 database encryption key
Note that if you specify the DB_ENCRYPTION_KEY_REF, you must ensure that the Cloud Sign instance is able to perform encrypt and decrypt operations. Depending on your deployment model, you may either need to deploy the Cloud Sign node in an AWS environment with an appropriate IAM role or provide relevant AWS credentials in the environment.
Postgres mode
In postgres mode, the Cloud Sign node requires two database servers for connection:
- Main database server for indexing and management
- TSM database server for securely storing encrypted shards
Use the following environment variables to configure the postgres mode:
Environment Variable | Value description | Example |
---|---|---|
DB_DRIVER | Name of the database driver to use. Must be postgres to enable the postgres backend | postgres |
DB_DATA_SOURCE | Main data source connection string. | postgres://postgres:[email protected]:5432/postgres |
TSM_DB_DATA_SOURCE | TSM data source connection string | postgres://postgres:[email protected]:5432/postgres |
Permissions
Both databases must be empty on first run in order for the Cloud Sign node to run the relevant migration scripts and create respective tables.
The Cloud Sign node creates a new database for every quorum that it is part of and therefore it must have permission to create its own database. It will use the same user credentials to connect to all TSM databases.
Additional notes
- Ensure you are not using sslmode=disable in a production setting and are using at least one of require, verify-ca or verify-full to ensure a secure connection between the Cloud Sign node and the database.
- You can urlencode (or escape) the database password inside the connection string if the password contains characters that are not compatible with unix environment variables.
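A preflight check for the settings described above, written here as an added example and not part of Cloud Sign or its release notes. It percent-encodes the password when building a connection string and reports configurations that conflict with the notes. Assumptions: the function names are hypothetical, connection strings use the URL form shown in the table, and an unset sslmode is reported as a finding because the notes ask for one of the three listed values.

```python
import os
import re
from urllib.parse import urlsplit, parse_qs, quote

# sslmode values the release notes accept for production use
ACCEPTED_SSLMODES = {"require", "verify-ca", "verify-full"}

def build_dsn(user, password, host, port, dbname, sslmode="verify-full"):
    """Build a postgres:// URL with user and password percent-encoded."""
    return (f"postgres://{quote(user, safe='')}:{quote(password, safe='')}"
            f"@{host}:{port}/{dbname}?sslmode={sslmode}")

def check_dsn(name, dsn):
    """Return findings for one connection-string variable."""
    if not dsn:
        return [f"{name} is not set"]
    parts = urlsplit(dsn)
    if parts.scheme not in ("postgres", "postgresql"):  # assumed URL form
        return [f"{name} is not a postgres:// URL"]
    mode = parse_qs(parts.query).get("sslmode", [None])[-1]
    if mode not in ACCEPTED_SSLMODES:
        return [f"{name}: sslmode={mode or '<unset>'} is not one of "
                "require, verify-ca, verify-full"]
    return []

def check_env(env):
    """Return a list of findings for a Cloud Sign environment mapping."""
    driver = env.get("DB_DRIVER", "local")  # documented default is local
    if driver == "postgres":
        return (check_dsn("DB_DATA_SOURCE", env.get("DB_DATA_SOURCE"))
                + check_dsn("TSM_DB_DATA_SOURCE", env.get("TSM_DB_DATA_SOURCE")))
    if driver != "local":
        return [f"DB_DRIVER={driver} is not local or postgres"]
    key_hex = env.get("DB_ENCRYPTION_KEY_HEX")
    key_ref = env.get("DB_ENCRYPTION_KEY_REF")
    if not key_hex and not key_ref:
        return ["local mode: set DB_ENCRYPTION_KEY_HEX or DB_ENCRYPTION_KEY_REF"]
    if key_hex and not re.fullmatch(r"[0-9a-fA-F]{64}", key_hex):
        return ["DB_ENCRYPTION_KEY_HEX is not 64 hex characters (AES 256 = 32 bytes)"]
    return []

if __name__ == "__main__":
    # Checks the environment of the current process and prints any findings.
    for finding in check_env(os.environ):
        print("FINDING:", finding)
```

Run it with the same environment the node will receive, before first start. It only inspects the strings and does not connect to either database.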