You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: src/content/docs/operator/guides/node-wallet-setup.md
+39-2Lines changed: 39 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -83,18 +83,55 @@ You can request 5000 nDUSK from our [Discord faucet](/operator/guides/nocturne-f
83
83
84
84
The final step is staking. To allow your node to participate in consensus and earn rewards, your wallet must stake at least 1000 DUSK.
85
85
86
-
Initiate staking with:
86
+
### Owner vs Consensus Keys
87
+
88
+
A Dusk stake involves two roles:
89
+
90
+
-**Consensus Key**: Used by your node to participate in consensus to vote and sign blocks.
91
+
-**Owner Key**: The key/address that can `unstake` and `withdraw` your stake.
92
+
93
+
If you do not specify an owner when staking, the consensus key automatically becomes the owner. This is the simplest setup, but it has different security implications than using a separate owner key.
94
+
95
+
### Option 1: Keep Owner and Consensus the same (default)
87
96
88
97
```sh
89
98
rusk-wallet stake --amt 1000 # Replace with your desired amount
90
99
```
91
100
101
+
**Pros**:
102
+
Simpler setup, only one address to manage.
103
+
104
+
**Cons**:
105
+
If the node is compromised and the attacker gains access to the consensus key or an unprotected wallet, they can steal your funds.
106
+
107
+
This option is acceptable if your server is well-hardened (SSH key-only access, no password logins, firewall, restricted users).
108
+
109
+
### Option 2: Separate Owner and Consensus Keys (recommended)
110
+
111
+
```sh
112
+
rusk-wallet stake --amt 1000 --owner <OWNER_ADDRESS># Replace with an address from the same mnemonic
113
+
```
114
+
115
+
Replace <OWNER_ADDRESS> with another address (e.g., from Profile 2) derived from the same mnemonic you used to set up the node wallet.
116
+
117
+
**Pros**:
118
+
Even if your node or consensus key is compromised, only the owner key can unstake or withdraw funds.
119
+
120
+
**Cons**:
121
+
Slightly more operational overhead. You must keep the owner key safe and available whenever you need to unstake or restake.
122
+
123
+
**Security note**: This is most effective if you do not store the mnemonic on the server, or if you use a strong wallet password different from the provisioner key password.
124
+
125
+
## After Staking
126
+
92
127
After the stake transaction, verify that your stake status is updated:
93
128
94
129
```sh
95
-
rusk-wallet stake-info
130
+
rusk-wallet stake-info --profile-idx 0 # Replace with a different profile if applicable
96
131
```
97
132
133
+
**Note**: Each address from the same mnemonic has a profile index. Use the one corresponding to your consensus key when checking stake info.
134
+
98
135
Check for the `eligible stake` and `stake active from block` fields to be updated.
99
136
100
137
**Note**: Your stake takes 2 epochs (4320 blocks) to mature. Only after that will it start participating in consensus.
0 commit comments