secrets-dir flag does not work as intended #5600
Description
Description
Getting the details from #5480 comment: #5480 (comment). 2 issues:
-
If one were to create validator keystores with
lighthouse account validator createand points the password files tosecrets-dirdirectory :lighthouse --network mainnet account validator create --wallet-name wally --wallet-password wally.pass --count 6 --secrets-dir secrets --datadir newThe password files will be created under
$datadir/secrets, not--secrets-dir. This is not an expected outcome, as from the help text:--secrets-dir <SECRETS_DIR> The path where the validator keystore passwords will be stored. Defaults to ~/.lighthouse/{network}/secretsAlthough the
lighthouse account validator createcommand has been deprecated (Ref: https://lighthouse-book.sigmaprime.io/key-management.html), but for transparency we document it here. -
If the
validator_definitions.ymlfile already contains the keystore information, the--secrets-dirflag will not be effective. i.e., one cannot start the VC withlighthouse vc --secrets-dirand expects the VC to read the password from the--secrets-dir. This usage is desirable as one will not need to provide thevoting_keystore_password_pathin thevalidator_definitions.yml. This is helpful as enteringvoting_keystore_password_pathcould be manual, and inconvenient for a large number of validator keys. Having a flag--secrets-dirto direct the VC to read the password from the path solves this inconvenience. To achieve this, we would need the VC to allow not having bothvoting_keystore_password_patandvoting_keystore_passwordin thevalidator_definitions.yml, where currently either of these two fields is required: https://lighthouse-book.sigmaprime.io/validator-management.html#fields
Version
Lighthouse 5.1.3-3058b96
Steps to resolve
No. 1 is mainly to document the bug.
No. 2, we need to allow VC to be able to allow the absent of both flags voting_keystore_password_pat and voting_keystore_password, and instruct the VC to read from the --secrets-dir