Configuration

Configuring your Virtual Signer

When using the docker.env approach we introduced in the Deployment guide, most of these settings may be defined in your docker.env file that is used by your Docker instance. Most of them are populated by defaults, but you may want to set your own values in some cases.

On changing a configuration item, please restart your Virtual Signer instances to make the changes take effect. When using docker-compose, you could run docker-compose restart to restart all services.

Contact your io.finnet representative for more information if you would like to understand more about these options.

Configuration

Description

Port EDG_VS_Port Integer

The TCP port opened by the Virtual Signer, part of the URL exposed for device registration.

PrometheusPort
EDG_VS_PrometheusPort
String

The port that the Prometheus /metrics HTTP endpoint will be served on. See Deployment for more details on how monitoring a Virtual Signer works.

BindingNetworkName
EDG_VS_BindingNetworkName
String

The network name or IP address bound within the local host for accepting POST requests for device registration.

LogLevel
EDG_VS_LogLevel
String

The log level of the Virtual Signer. Valid values are "info" or "debug".

APIBaseURL
EDG_VS_APIBaseURL
String

The URL of the io.vault or io.network API. This URL has a placeholder "%s", which the Virtual Signer replaces with a method name (e.g., "accessToken").

MQTTEndpoint
EDG_VS_MQTTEndpoint
String

The URL of the MQTT service for protocol messages exchanged among devices.

MQTTCACert
EDG_VS_MQTTCACert
String

A MQTT certificate in string format. New lines must be represented as "\n".

OrgId
EDG_VS_OrgId
String

Optional. The organization ID used when registering a device on launch. Required if InitialDevices is defined.

InitialDevices
EDG_VS_INITIAL_DEVICES
String

Optional. Comma-separated device names to be registered on launch. Requires OrgId.

AuthClientId
EDG_VS_AuthClientId
String

The client ID used for authentication along with AuthClientSecret.

AuthClientSecret
EDG_VS_AuthClientSecret
String

The client secret used for authentication with AuthClientId.

GraphQLService
EDG_VS_GraphQLService
String

The URL of the GraphQL service.

ExternalReshareApprovalURL
EDG_VS_ExternalReshareApprovalURL
String

The URL of a user API that approves or rejects reshare requests. Required if ApprovalMode="API".

ExternalTransactionApprovalURL
EDG_VS_ExternalTransactionApprovalURL
String

The URL of a user API that approves or rejects transactions. Required if ApprovalMode="API".

ApprovalHTTPPublicKeyHex
EDG_VS_ApprovalHTTPPublicKeyHex
String

The EdDSA P256 public key (hex-encoded) used to verify HTTP responses from the user API when ApprovalMode="API".

PrivateKeyPath
EDG_VS_PrivateKeyPath
String

The secure directory where private keys of newly created devices are saved.

PrivateKeyFileMask
EDG_VS_PrivateKeyFileMask
String

A file mask defining the filenames of private keys. Default: "%s_%s.key".

PrivateSharePath
EDG_VS_PrivateSharePath
String

The secure directory where private shares of newly created devices are saved.

PrivateShareEdDSAFileMask
EDG_VS_PrivateShareEdDSAFileMask
String

A file mask defining filenames for EdDSA private shares. Default: "%s.%s.share".

SignerInputHashPath
EDG_VS_SignerInputHashPath
String

The secure directory where transaction input hashes are saved.

RunningWithinSGX
EDG_VS_RunningWithinSGX
Boolean

true/false. If true, the Virtual Signer adds extra encryption for saved files.

ApprovalMode
EDG_VS_ApprovalMode
String

Determines approval mechanism. Valid values: "API", "SmartContract", or "AlwaysApprove".

ApprovalNodeRPCAddress
EDG_VS_ApprovalNodeRPCAddress
String

Required for "SmartContract" mode. RPC address of an Ethereum or io.network node.

ApprovalSmartContractAddress
EDG_VS_ApprovalSmartContractAddress
String

Required for "SmartContract" mode. Smart contract address in hex ("0x...") that approves/rejects requests.

Environment
EDG_VS_ENV
String

Refers to an io.vault environment and defines the config file to use. Possible values: "dev", "pre", "staging".