-
Notifications
You must be signed in to change notification settings - Fork 337
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
add proposal to install salt sharing canister
- Loading branch information
Showing
1 changed file
with
81 additions
and
0 deletions.
There are no files selected for viewing
81 changes: 81 additions & 0 deletions
81
rs/boundary_node/salt_sharing/proposals/install_03-03-2025_135629.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,81 @@ | ||
| # Install the Salt-Sharing Canister from Commit 374556b | ||
|
|
||
| __Proposer__: Boundary Node Team at the DFINITY Foundation | ||
|
|
||
| __Source code__: [374556b515a5c48782ddaf80cffb399cb83ce487][new-commit] | ||
|
|
||
| [new-commit]: https://github.com/dfinity/ic/tree/374556b515a5c48782ddaf80cffb399cb83ce487 | ||
|
|
||
| ## Summary | ||
|
|
||
| The API boundary nodes are in a unique position to provide insights, as all external requests pass through them. | ||
| This data is valuable not only for the operation of the Internet Computer Protocol, but also for dapp developers. | ||
| As part of the [Levitron milestone](https://internetcomputer.org/roadmap#Platform%20Decentralization-Levitron), | ||
| work is being done to make these insights publicly accessible. | ||
|
|
||
| A key prerequisite for this milestone is the consistent anonymization of sensitive data. | ||
| To achieve this, the salt-sharing canister is proposed as a solution, | ||
| which securely distributes a shared salt exclusively to API boundary nodes, | ||
| enabling them to consistently anonymize sensitive data such as IP addresses. | ||
|
|
||
| For more information, take a look at the [corresponding forum post](https://forum.dfinity.org/t/observability-with-the-new-boundary-node-architecture/41725). | ||
|
|
||
| ## Verifying the Installation | ||
|
|
||
| First, make sure your Git repository is up-to-date. | ||
|
|
||
| ``` | ||
| # Option A. Get a fresh copy of the code. | ||
| git clone [email protected]:dfinity/ic.git && cd ic | ||
| # Option B. If you already have a copy of the ICP repo. | ||
| git fetch | ||
| ``` | ||
|
|
||
| Second, checkout the right revision of the code. | ||
|
|
||
| ``` | ||
| git checkout 374556b515a5c48782ddaf80cffb399cb83ce487 | ||
| ``` | ||
|
|
||
| ### Argument Verification | ||
|
|
||
| The [didc][latest_didc] tool is required. | ||
|
|
||
| [latest_didc]: https://github.com/dfinity/candid/releases/latest | ||
|
|
||
| Fingerprint the canister argument: | ||
|
|
||
| ``` | ||
| didc encode \ | ||
| -d rs/boundary_node/salt_sharing/canister/salt_sharing_canister.did \ | ||
| -t '(InitArg)' \ | ||
| '( | ||
| record { | ||
| salt_generation_strategy = variant { StartOfMonth }; | ||
| regenerate_now = true; | ||
| registry_polling_interval_secs = 300 : nat64; | ||
| }, | ||
| )' | xxd -r -p | sha256sum | ||
| ``` | ||
|
|
||
| This should match `arg_hash` field of this proposal. | ||
|
|
||
| ### WASM Verification | ||
|
|
||
| See ["Building the code"][prereqs] for prerequisites. | ||
|
|
||
| [prereqs]: https://github.com/dfinity/ic/tree/374556b515a5c48782ddaf80cffb399cb83ce487/README.adoc#building-the-code | ||
|
|
||
| Build the release version of the canisters: | ||
|
|
||
| ``` | ||
| ./ci/container/build-ic.sh -c | ||
| ``` | ||
|
|
||
| Fingerprint the canister module: | ||
|
|
||
| ``` | ||
| sha256sum ./artifacts/canisters/salt-sharing-canister.wasm.gz | ||
| ``` | ||
|
|
||
| This should match `wasm_module_hash` field of this proposal. |