Implement config flag for different PrivVal implementations

[hendrikhofstadt]

Since the implementation of IPCVal we have 3 different implementations of PrivVal.

For TCPVal we have a config flag that overrides the privValidator that is passed to the node constructor:

tendermint/node/node.go

Lines 224 to 241 in 80d0a36

	if config.PrivValidatorListenAddr != "" {
	var (
	// TODO: persist this key so external signer
	// can actually authenticate us
	privKey = ed25519.GenPrivKey()
	pvsc = privval.NewTCPVal(
	logger.With("module", "privval"),
	config.PrivValidatorListenAddr,
	privKey,
	)
	)
	if err := pvsc.Start(); err != nil {
	return nil, fmt.Errorf("Error starting private validator client: %v", err)
	}
	privValidator = pvsc
	}

On the one hand this might cause confusions for people implementing an App on Tendermint as you would not expect that the privValidator you are passing could be overwritten and on the other hand this implementation makes it harder or at least ugly to implement the third (IPCVal) and potentially even more implementations.

The questions are:

• Do we want to leave the choice of the PrivVal implementation to the App built on tendermint and use the passed PV ?
• If not how can we beautifully implement the third interface IPCVal ?

[joe-bowman]

It'd probably be sensible to add a config field for privValidatorType, and instantiate the correct class based upon that - then pass in privValidatorLocation (whether it be a file, socket or URI), effectively replacing both of the original fields; that should be pretty future proof too, should we add future validator types.

Would probably be sensible to contiue to support PrivValidatorFile field for backwards compatibility (and possibly PrivValidatorListenAddr too, if it is used elsewhere).

[liamsi]

In the KMS, we do not use command line arguments but a config file instead. I think this is slightly cleaner (but this wouldn't be backwards compatible and might have other downsides which I'm not seeing currently):
https://github.com/tendermint/kms/blob/c80135c8dd86d47df034eb07fde80922053223e8/tmkms.toml.example#L9-L19

Either way (config flag only, or config files), a validator-type flag plus a a validator-path/-location as @joe-bowman suggested makes the most sense IMHO. (viper gives us config file support with cobra / config flags anyways?).

This could look the following way:

• add a priv_validator_type flag (can be “tcp” or “unix”/IPC/socket)
• remove the priv_validator_laddr and replace it with a priv_validator_path which can be used for both types

[liamsi]

ref #2651
ref #2549

[liamsi]

@ebuchman and @melekes suggested to just keep priv_validator_laddr and include a tcp:// or unix:// prefix. This would also be consistent with other listen addresses, e.g.,:

tendermint/cmd/tendermint/commands/lite.go

Line 39 in 80d0a36

LiteCmd.Flags().StringVar(&nodeAddr, "node", "tcp://localhost:26657", "Connect to a Tendermint node at this address")

[joe-bowman]

This was also my first thought. I like the consistency but it's a little unclean and doesn't have the extensibility for future use cases. That said it is a lower risk change which isn't a bad thing right now!

…

On Wed, 14 Nov 2018, 15:49 Ismail Khoffi ***@***.*** wrote: @ebuchman <https://github.com/ebuchman> and @melekes <https://github.com/melekes> suggested to just keep priv_validator_laddr and include a tcp:// or unix:// prefix. This would also be consistent with other listen addresses, e.g.,: https://github.com/tendermint/tendermint/blob/80d0a362500fea2dd089258319075a54e5d40a2d/cmd/tendermint/commands/lite.go#L39 — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#2827 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AEH4YIZWYNAc7PDzZYsjmf71GN9JmGjYks5uvDuRgaJpZM4YcBd1> .

[liamsi]

We probably still need a flag for the secret connection key though (in the "tcp://" case).

[melekes]

With #2866 merged, can we close this? Or there are some open questions?

[joe-bowman]

@liamsi w.r.t the secret connection key, does it make sense to use the priv_validator file (an additional field) for this. Obviously the file is not otherwise used when using an external validator, but it seems the most sensible place to put it.

[melekes]

note: priv_validator file will be split in 2 parts #2870

[ebuchman]

Related to #1231.