Cloud Sign 1.6.0

Summary

Changes

  • General improvements to MPC

Added

  • Support for postgres as database backend

Cloud Sign Database Backends

Postgres support brings configurability for the database backend. The DB_DRIVER environment variable controls the type of database used in the backend. The default value for this variable is local, but it can be set to postgres.

Local mode

In local mode, the Cloud Sign node stores the main database as well as the respective TSM (Threshold Signing Module) databases on disk. These databases are encrypted on disk using one of the following environment variables:

  1. DB_ENCRYPTION_KEY_HEX: AES 256 key specified in the environment as hex
  2. DB_ENCRYPTION_KEY_REF: AWS ARN of the AWS KMS key for encrypting the generated AES 256 database encryption key

Note that if you specify the DB_ENCRYPTION_KEY_REF, you must ensure that the Cloud Sign instance is able to perform encrypt and decrypt operations. Depending on your deployment model, you may either need to deploy the Cloud Sign node in an AWS environment with an appropriate IAM role or provide the relevant AWS credentials in the environment.

Postgres mode

In postgres mode, the Cloud Sign node requires two database servers for connection:

  1. Main database server for indexing and management
  2. TSM database server for securely storing encrypted shards

Use the following environment variables to configure the postgres mode:

| Environment Variable | Value description | Example |
| --- | --- | --- |
| DB_DRIVER | Name of the database driver to use. Must be postgres to enable the postgres backend | postgres |
| DB_DATA_SOURCE | Main data source connection string. | postgres://postgres:[email protected]:5432/postgres |
| TSM_DB_DATA_SOURCE | TSM data source connection string | postgres://postgres:[email protected]:5432/postgres |

Permissions

Both databases must be empty on first run in order for the Cloud Sign node to run the relevant migration scripts and create respective tables.

The Cloud Sign node creates a new database for every quorum that it is part of and therefore it must have permission to create its own database. It will use the same user credentials to connect to all TSM databases.

Additional notes

  1. Ensure you are not using sslmode=disable in a production setting. Use one of require, verify-ca or verify-full to ensure a secure connection between the Cloud Sign node and the database.
  2. You can urlencode (or escape) the database password inside the connection string if the password contains characters that are not compatible with unix environment variables.
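
A preflight check for the settings described on this page, as an added example (not Cloud Sign's own code). It percent-encodes credentials into a connection string and reports weak or missing settings before the node starts. The function names are hypothetical, and flagging a connection string with no explicit sslmode is an assumption of this example.

```python
import string
from urllib.parse import parse_qs, quote, unquote, urlsplit

SECURE_SSLMODES = {"require", "verify-ca", "verify-full"}  # values named in the notes above

def build_dsn(user, password, host, port, dbname, sslmode="verify-full"):
    """Build a postgres:// connection string with the credentials percent-encoded."""
    return (f"postgres://{quote(user, safe='')}:{quote(password, safe='')}"
            f"@{host}:{port}/{dbname}?sslmode={sslmode}")

def dsn_password(dsn):
    """Return the decoded password from a connection string (round-trip check)."""
    return unquote(urlsplit(dsn).password or "")

def check_dsn(name, dsn):
    """Return findings for one connection string; an empty list means it passed."""
    parts = urlsplit(dsn)
    if parts.scheme not in ("postgres", "postgresql"):
        return [f"{name}: not a postgres:// connection string"]
    modes = parse_qs(parts.query).get("sslmode", [])
    if not modes:  # assumption of this example: require an explicit sslmode
        return [f"{name}: sslmode is not set explicitly"]
    if modes[-1] not in SECURE_SSLMODES:
        return [f"{name}: sslmode={modes[-1]} is not acceptable for production"]
    return []

def check_env(env):
    """Validate Cloud Sign database settings given as a dict of environment variables."""
    driver = env.get("DB_DRIVER", "local")  # the page states the default is local
    findings = []
    if driver == "postgres":
        for name in ("DB_DATA_SOURCE", "TSM_DB_DATA_SOURCE"):
            if name not in env:
                findings.append(f"{name}: required in postgres mode")
            else:
                findings += check_dsn(name, env[name])
    elif driver == "local":
        key_hex = env.get("DB_ENCRYPTION_KEY_HEX")
        if key_hex is None:
            if "DB_ENCRYPTION_KEY_REF" not in env:
                findings.append("local mode: no database encryption key variable set")
        elif len(key_hex) != 64 or not set(key_hex) <= set(string.hexdigits):
            findings.append("DB_ENCRYPTION_KEY_HEX: expected 64 hex characters (AES-256)")
    else:
        findings.append(f"DB_DRIVER: unknown value {driver!r}")
    return findings
```

Call check_env(dict(os.environ)) in a deployment script and refuse to start the node when the returned list is non-empty.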