Follow-up from PR #740.
Code:
|
/// Canton JSON Ledger API configuration. |
|
/// |
|
/// # Contract migration |
|
/// |
|
/// When the Signer DAR is upgraded and redeployed, both `signer_contract_id` |
|
/// and `signer_template_id` change (similar to deploying a new Ethereum |
|
/// contract — the old address/ID is gone). Currently the MPC node requires a |
|
/// restart with updated CLI args to pick up the new IDs. |
|
/// |
|
/// TODO: decide how to handle DAR upgrades without MPC node downtime. |
Related check:
|
// Check 3: ExercisedEvent with choice "SignBidirectional" on the pinned |
|
// Signer contract must exist in the same transaction. Exact contract ID |
|
// match since the operator pinned it via CLI. |
|
// NOTE: after a DAR upgrade/redeployment the contract ID changes — this |
|
// check will reject all events until the node is restarted with the new ID. |
|
// See CantonConfig migration TODO. |
Context: when the Signer DAR is upgraded and redeployed, both signer_contract_id and signer_template_id change. Today the MPC node needs a restart with new CLI args, and the stream verification rejects events until the new contract ID is configured. Decide how Canton DAR upgrades should be handled without MPC node downtime.
Follow-up from PR #740.
Code:
mpc/chain-signatures/node/src/indexer_canton/mod.rs
Lines 164 to 173 in 93c8e00
Related check:
mpc/chain-signatures/node/src/indexer_canton/stream.rs
Lines 444 to 449 in 93c8e00
Context: when the Signer DAR is upgraded and redeployed, both
signer_contract_idandsigner_template_idchange. Today the MPC node needs a restart with new CLI args, and the stream verification rejects events until the new contract ID is configured. Decide how Canton DAR upgrades should be handled without MPC node downtime.