Search Apps Documentation Source Content File Folder Download Copy Actions Download

valopers package

Overview

Package valopers is designed around the permissionless lifecycle of valoper profiles.

Function

Register

func Register(cur realm, moniker string, description string, serverType string, addr address, pubKey string)

Register registers a new valoper. The `addr` parameter is the operator address (stable identity, profile key); `pubKey` is the consensus signing pubkey, from which the signing address is derived.

Auth shape:

  • Post-genesis: OriginCaller must equal addr (operator-slot squat guard). Genesis-mode replay (ChainHeight()==0) bypasses, so migration .jsonl txs and historical Register replays succeed.
  • Signing-address uniqueness: derived(pubKey) must not already be in signingRegistry, active or retired.
  • Front-running guard: post-genesis, derived(pubKey) must not already be an active validator (a fresh registration cannot squat on the consensus address of an existing validator).

Why OriginCaller==addr is sufficient (no IsUserCall): squatting requires the attacker to be able to satisfy OriginCaller==victim, which requires the victim's signing key. r/sys/namereg/v1.Register also gates on IsUserCall, but that's because IT reads unsafe.OriginSend() for the anti-squatting payment and IsUserCall is needed to ensure the OriginSend envelope reflects what landed at this realm rather than a phantom payment from a previous frame. valopers.Register has no per-call payment-receipt check (fees are validated against banker.OriginSend in a way that's symmetric to IsUserCall via direct comparison), so the IsUserCall tightening would only block legitimate `maketx run` flows (operator-authored scripts that legitimately set OriginCaller==operator) without adding identity-squat protection.

Auth-list seeding: the profile's Authorizable owner is set to addr (NOT OriginCaller). At H>0 the squat guard makes them equal anyway; at H==0 the deployer pattern (one signer registers many operators) requires owner == addr so each operator can manage their own profile post-genesis without needing the deployer's auth.

Params

Command

# WARNING: This command is running in an INSECURE mode.
# It is strongly recommended to use a hardware device for signing
# and avoid trusting any computer connected to the internet,
# as your private keys could be exposed.

gnokey maketx call -pkgpath "gno.land/r/gnops/valopers" -func "Register" -args $'' -args $'' -args $'' -args $'' -args $'' -gas-fee 1000000ugnot -gas-wanted 1_000_000_000 -send "" -chainid "test-13" -remote "https://rpc.test13.testnets.gno.land" ADDRESSgnokey query -remote "https://rpc.test13.testnets.gno.land" auth/accounts/ADDRESS
gnokey maketx call -pkgpath "gno.land/r/gnops/valopers" -func "Register" -args $'' -args $'' -args $'' -args $'' -args $'' -gas-fee 1000000ugnot -gas-wanted 1_000_000_000 -send "" -broadcast=false ADDRESS > call.tx
gnokey sign -tx-path call.tx -chainid "test-13" -account-number ACCOUNTNUMBER -account-sequence SEQUENCENUMBER ADDRESS
gnokey broadcast -remote "https://rpc.test13.testnets.gno.land" call.tx