ĞDev5 smiths

Yes, just realized that. I’m still using the image I built. Reverting to the official one… It works!


Nice! I added you to the list, now we have to introduce you to the smith WoT ^^

1 Like

I’ll experiment a bit with the configuration. Then there are chances I’ll propose some configuration changes to the docker image.


I started a validator node.
But I was not able to send my session keys because my identity is on a v1 account…

So I need to move my identity on a v2 account before becoming a smith.
I will continue to work on the v1 to v2 account move in Tikka, as it is a perfect use case for it.


You can set your session keys and go online using Gcli, there is a branch with an option to use legacy credentials. ChangeOwnerKey is not yet implemented.

But you have to build it, or I can provide an x86_64 build this afternoon.

Edit: gcli x86_64 build with duniter v1 seedhex support

Actually polkadot guesses the public addr at startup:

2023-01-05 19:17:16 🔍 Discovered new external address for our node: /ip4/

But this cannot work when behind a proxy if you don’t map the P2P port to the very same one on the host. Then you need to configure the public address. Here is what I came up with for my server:

      - DUNITER_PUBLIC_ADDR=/dns/gdev.pini.fr/tcp/443/wss

then polkadot automagically completes it with the endpoint path:

2023-01-05 19:17:13 🔍 Discovered new external address for our node: /dns/gdev.pini.fr/tcp/443/wss/p2p/12D3KooWHswPUroThetPjvAHL9T64XkT4YxZjgYie49FHL1G55AH

I’ve opened a MR to improve the docker image configuration and documentation.

And now I have two running nodes:

  • pini-gdev-rpc
    • rpc-http
    • rpc-ws
    • p2p via ws
  • pini-gdev-smith
    • p2p via ws

Both are behind my reverse-proxy and none of their ports is directly exposed to the outside.
Any way to check their connectivity status w/r to their respective endpoints?

OK, I think I’m ready to go this way now. First I need to become a member. Here is my new key:


Please certify it :slight_smile:

1 Like

Identity created, you need to call identity.confirmIdentity with a name.

1 Like

Thanks @tuxmain. But I’m lost :confused:

The key I gave in my previous post is a derivation //0 from my root key. I created my account in PolkadotJs using the mnemonics, which relates to my root key. How to I tell PolkadotJs to use the derivation?

EDIT: Found the advanced settings option in PolkadotJs account creation UI. I’ve created an account for derivation //0 and triggered the identity.confirmIdentity(“Pini”) action. I’ve had no error message. But neither Tikka nor Gecko tell me that the identity was created.

EDIT2 : Connected Tikka to my own RPC node and now I see my identity was confirmed \o/

1 Like

You did confirm your identity and so I was able to certify you. Now, @poka @1000i100 @vit or any Ğ1 member can certify you using Ğecko. In parallel, we can submit smith certs like this:


The identity index correspond to my and your identity. They can be found via RPC call

We should build tool to monitor the smith WoT and emit smith certs.

1 Like

I’ve added a polkadot-js-apps service (Polkadot/Substrate Portal) and opened the rpc-ws port of the validator node (but protected it with a certificate based auth).

1 Like

Anyone ? Thanks in advance.

1 Like

I wanted to list all your received smith cert, but since it’s not yet available in the custom indexer https://gdev-indexer-graphiql.p2p.legal/, I wanted to use the generic indexer https://hydra.gdev.librelois.fr/ but it’s down, so I wanted to setup one (like this). I do not want to put it on the same server as my gdev validator, so I needed to setup a new node, and because it’s the occasion to test the docker image produced in your MR !123, I tried to use pinidh/duniter-v2s:sha-3189d769 but it seems to be private, can you make it public?

[edit] I added a branch release/poka-chainspec-gdev5-pini-docker on your commit to get the CI running on this one.

It is public already. Can you try pinidh/duniter-v2s:sha-latest?

1 Like

Ça marche :slight_smile:


Right now, Pini has received one two three four smith certifications:

over 6 smith

These smith are currently the one defined in the genesis:

I added a smith cert for elois using sudo, but for the other, please certify Pini to allow him to add blocks.


@Pini it should be ok now, you should be able to call smithsMembership.claimMembership() smithsMembership.requestMembership() with success.

[edit] process is documented here La sous-toile forgerons

1 Like

The call smithsMembership.requestMembership() fails with an error which resemble IdtyNotAllowedToRequest...

Here is how I proceeded:

  1. Connect to my smith node using PolkadotJS
  2. Rotate key with RPC call author.rotateKey()
  3. Copy the resulting key into the clipboard
  4. Extrinsic call smithsMembership.requestMembership() using my registered account ‘PINI’ with parameters:
    a. P2P endpoint = /dns/gdev-smith.pini.fr/tcp/443/wss/p2p/12D3KooWCEVBrLK9g8unsHLj8wWzobbwArDZMMwg5LeCbiWhB3ug
    b. Session key = <clipboard content from 3.>

The reason is that your identity is not member of the main web of trust. I should improve the error message (note: TODO). You have to become member of the main wot, which means get certification from any member. You can ask the beta-testers of Ğecko to certify you for example.

A better way would have been to migrate your Ğ1 identity imported in the genesis to a SR25519 key. But now you have two identities (this should only happen in a test currency). You can also ask for smith certs on the other identity. I did just see that you were not member of Ǧ1 !

1 Like