Problem
The authority secret key is currently stored as plaintext in the TOML config file (e.g., pool-config.toml). This is a security risk because:
- The private key sits on disk during operation
- Anyone with file access can read the key
- Key may persist in backups, log files, or crash dumps
Related
Affected Components
- Pool (pool-apps/pool)
- Job Declaration Server (pool-apps/jd-server)
- Job Declaration Client (miner-apps/jd-client)
Note: Translator only requires the authority public key (no secret key needed).
Proposal
Add support for loading the authority secret key from an environment variable instead of the TOML config file:
POOL_AUTHORITY_SECRET_KEYJDS_AUTHORITY_SECRET_KEYJDC_AUTHORITY_SECRET_KEY
Implementation approach:
- Make
authority_secret_key optional in the TOML deserialization struct
- At config loading time, check for the corresponding environment variable
- If env var is set, use it; otherwise fall back to TOML value (for backward compatibility)
- Validate that either env var or TOML has the key (fail startup if neither)
This follows the existing pattern where RUST_LOG is already loaded from environment.
Backward Compatibility
TOML config files should continue to work. The env var takes precedence if both are set.
Problem
The authority secret key is currently stored as plaintext in the TOML config file (e.g.,
pool-config.toml). This is a security risk because:Related
Affected Components
Note: Translator only requires the authority public key (no secret key needed).
Proposal
Add support for loading the authority secret key from an environment variable instead of the TOML config file:
POOL_AUTHORITY_SECRET_KEYJDS_AUTHORITY_SECRET_KEYJDC_AUTHORITY_SECRET_KEYImplementation approach:
authority_secret_keyoptional in the TOML deserialization structThis follows the existing pattern where
RUST_LOGis already loaded from environment.Backward Compatibility
TOML config files should continue to work. The env var takes precedence if both are set.