Example Configuration File
The following shows a sample MPC node configuration file. It contains explanations of each configuration, and may serve as a summary of many of the topics discussed earlier in the TSM User Manual.
# This is an example TSM node configuration file.
#
# Commented sections means that the feature is either disabled or used with default values.
# Commented variables are listed with their default values.
# Uncommented values are mandatory.
#
# Configuration values can be overridden with environment variables by setting TSM_PATH_TO_VALUE
# e.g. TSM_MPC_THRESHOLD=2 to set MPC.Threshold to 2
# Defines the operating mode of the TSM node.
#[Mode]
# An embedded node does not listen on any ports and is used when integrating the TSM node directly in an application.
# When Embedded is enabled the player index must be 0. Usually an embedded node will not use a configuration file,
# so only set this to true if you know what you are doing.
#Embedded = false
# General configuration for MPC operations.
[MPC]
# When migrating from an older version of the TSM this parameter specifies how many players were in that TSM. Now the
# number of players is set individually for each MPC operation. Once a TSM is migrated to the new format, this
# parameter is no longer needed.
#PlayerCount = 0
# This used to be the security threshold for the entire TSM, but now the threshold is set individually for each key.
# This parameter is only used when migrating from an older version of the TSM where it is needed to properly convert
# key material to the new format. Once a TSM is migrated to the new format, this parameter is no longer needed.
#Threshold = 0
# Time to wait before all required connections between the MPC nodes have been established.
# When they have been established the MPC session will begin and the SessionTimeout will be used (see below).
#ConnectionTimeout = "10s"
# Time to wait before an MPC session times out.
#SessionTimeout = "3m"
# When another node sends us a message related to a session that is not yet started, that message (or connection) is
# stored as a pending session. We do this since not all sessions can be started at exactly the same time. This
# parameter allows us to control the number of pending sessions. Note that a malicious player can cause a denial of
# service attack by filling up this buffer. This can be mitigated to some extent by controlling the order in which
# sessions are started.
#MaxPendingSessions = 10000
# Configuration for the local player
[Player]
# All players in a TSM are identified by a player index. This is the index of the player running this TSM node.
# We refer to this player as the local player. Other players are called remote players.
Index = 0
# This is a base64 encoding of the private key used to authenticate the local player towards the remote players. This
# must correspond to the public keys configured on the remote players for this player index. A private key can be
# generated using the following OpenSSL commands:
#
# openssl genpkey -algorithm ed25519 -outform DER -out private.key
# openssl base64 -A -in private.key; echo
#
# Instead of P-256 one can use P-384 or P-521 depending on the desired security level (128, 192 or 256 bits).
PrivateKey = "BA3E64=="
# This is a list of base64 encodings of DER encoding of the ASN.1 SubjectPublicKeyInfo structure of RSA public keys.
# This is a white list of public keys that are allowed to be used with export. It is possible to use a single string
# of "*" to allow any public key to be used.
ExportWhiteList = []
# The following is a list of players in the TSM with a static public key.
#
# If stream based communication is used (e.g. MPCTCPServer) then all players except player 0 must be configured with a
# static public key. The logic is that lower numbered players open connections to higher numbered players, so URLs
# are not needed for players with a lower number than the local player.
#
# If packet based communication is used (e.g. MPCAMQPServer) then any player can be configured here with a static key.
# Other players can participate in an MPC protocol, but their public key must be provided when the MPC operation is
# started.
[Players.1]
# The protocol and address of player with index 1. Supported prootocols are tcp, ws and wss. If no protocol is
# specified then tcp is assumed. For tcp connections it is possible to specify the following additional options:
# connectionPoolSize: Number of tcp connections to keep alive to this player if multiplexing is used. Default is 2.
# connectionLifetime: Minimum lifetime of a tcp connection to this player. Default is 4 hours.
Address = "tcp://player1:9000?connectionPoolSize=2&connectionLifetime=4h"
# This is a base64 encoding of the players public key. A public key can be generated from the private key using the
# following OpenSSL commands:
#
# openssl pkey -in private.key -pubout -outform DER -out public.key
# openssl base64 -A -in public.key; echo
PublicKey = "BA3E64=="
#[Players.2]
#Address = "..."
#PublicKey = "..."
# User authentication settings.
#[Authentication]
# Lifetime of the tokens for password based user authentication
#TokenLifetime = "5m"
# List of API keys used for authentication in SDKv2
#[[Authentication.APIKeys]]
# Only for SDK V2
# Base64 encoded hash of the API key. A hash for the API key foobar can be generated with the following command:
#
# echo -n "foobar" | openssl dgst -sha256 -binary | openssl base64
#APIKey = ""
# Users with the given API key will be mapped to this user in the system. If the user does not exist, it will be
# created automatically. Set this to an existing user ID to migrate from password to API key authentication.
#ApplicationID = ""
# Setting related to authentication of users based on TLS client certificates.
#[TLSUserAuthentication]
# Points to a file containing a list of CAs from which client certificates are accepted.
#ClientCAFile = ""
# Contains a CSV with the Base64 CA certificates from which client certificates are accepted.
#ClientCAList = ""
#[[TLSUserAuthentication.Applications]]
# These values are used for identifying different applications. The value is an array containing subsets of these values:
# "Country", "Organization", "OrganizationalUnit", "Locality", "Province", "StreetAddress", "PostalCode", "SerialNumber", "CommonName", "ExtraNames"
# If empty or not specified, the distinguished name of the Issuer and Subject from the certificate will be used
# Issuer = ["value0", "value1"]
# Subject = ["value0", "value2"]
# Setting related to authentication of users based on OIDC.
#[OIDCUserAuthentication]
# Lifetime of the OIDC nonce.
#NonceLifetime = "5m"
# List of supported OIDC issuer URLs.
#OIDCIssuers = []
# List of supported Audiences (client ids)
# Audiences = []
# Setting related to authentication of users based on OIDC Access Tokens.
#[OIDCAccessTokenAuthentication]
# List of supported OIDC issuer URLs.
#OIDCIssuers = []
# Configuration for applications that are allowed to access the TSM
#[[OIDCAccessTokenAuthentication.AccessTokens]]
# The name of the application to authenticate, must match audience (aud) in access token
# Audience = "application name"
# EITHER
# The URL of the discovery document for this access token, used to retrieve the public key. Defaults to issuer + "/.well-known/openid-configuration".
# DiscoveryDocURL = issuer + "/.well-known/openid-configuration"
# OR
# if PublicKey is specified, DiscoveryDocURL is ignored
# This is a base64 encoding of the players public key. A public key can be generated from the private key using the
# following OpenSSL commands:
#
# openssl ec -inform DER -in private.key -pubout -outform DER -out public.key
# openssl base64 -A -in public.key; echo
# PublicKey = "BA3E64=="
# The claims which the access token needs to match. If no claims are required, you still need to add an empty section.
#[[OIDCAccessTokenAuthentication.AccessTokens.claims]]
# claim0 = "claim value 0"
#[[OIDCAccessTokenAuthentication.AccessTokens.claims]]
# claim1 = "claim value 1"
# claim2 = "claim value 2"
# Database connection configuration.
[Database]
# The driver used for the database. The following database drivers are supported: sqlite3, mysql and postgres.
DriverName = "sqlite3"
# The name of the datasource. This example shows a SQLite file backed database. For MySQL an example of a datasource
# name could be:
#
# USER:PASSWORD@HOST:3306/DATABASE_NAME?parseTime=true
#
# and for postgres:
#
# postgres://USER:PASSWORD@HOST:5432/DATABASE_NAME?sslmode=disable
DataSourceName = "/tmp/tsmdb"
# This specifies a master encryption key used to protect database records. Note that this key is not directly
# used to encrypt data. Use any long random string here and make sure to keep a backup of it somewhere safe.
EncryptorMasterPassword = "ENCRYPTION_KEY"
# An alternative to specifying a password for encryption is to use a key file. Here the content of the key file
# is hashed and used as the master password. This is useful if one does not want to store the master password
# in the configuration file. After the TSM node has started up this file is no longer needed until next startup.
#EncryptorKeyFile = ""
# Allows specifying a plugin that is loaded and used before the internal TSM encryptions is performed.
# Any handling of the data is done in addition to the normal encryption. The plugin path can be absolute, or
# local. If local it will need to be located in the path of LD_LIBRARY_PATH. The plugin must implement the
# plugin functions defined in the plugin-interface.h header file.
# The plugin MUST ensure that keyshares are handled securely, as failure to do so may compromise the security
# of the installation.
#ExternalEncryptorPlugin = ""
# The maximum number of idle connections in the database connection pool. When using SQLite this should be set to 1.
#MaxIdleConns = 500
# The maximum number of open connections in the database connection pool. When using SQLite this should be set to 1.
#MaxOpenConns = 500
# The maximum time a database connection can be open before it is closed. A value of 0 disables closing of connections.
#ConnMaxLifetime = "3m"
# The maximum time a database connection can be idle before it is close. A value of 0 disables closing of idle connections.
#ConnMaxIdleTime = 0
# Controls how long key shares should be cached in memory. Setting this too high can cause issues when running in a load
# balanced setup together with operations that modify key shares, such as reshare.
#KeyShareCacheTTL = "1s"
# MPC server accepting multiplexed TCP connections from other players.
# At least one MPC server must be specified if the player index is greater than 0.
[MPCTCPServer]
# Port number that this server listens on.
Port = 9000
# Settings this to true disables multiplexing.
#DisableMultiplexing = false
# MPC server accepting WebSocket connections from other players.
# At least one MPC server must be specified if the player index is greater than 0.
#[MPCWebSocketServer]
# Port number that this server listens on.
#Port = 9001
# Points to a file containing a PEM encoded certificate which will be used for this connection. Setting this
# enables the use of WSS instead of WS.
#CertificateFile = ""
# The private key corresponding to the certificate above.
#CertificateKeyFile = ""
# MPC server using an AMQP message broker to communicate with other players. Cannot be used with other MPC servers.
#[MPCAMQPServer]
# URL for the AMQP message broker
# For a local test instance with the default vhost and guest user the following URL can be used:
#
# amqp://guest:guest@localhost:5672/
#ServerURL = ""
# When connection to the broker drops or sending of a message fails, how long should we wait before retrying
#RetryDelay = "5s"
# Specify how many channels should be used when sending messages to the broker. You might want to increase this value
# if you enable PublisherConfirms below.
#ChannelPoolSize = 2
# Use the RabbitMQ specific publisher confirms feature. This configures the RabbitMQ server to confirm each message
# before that message is considered delivered by the client. This makes the communication with the broker more
# resillient when the broker restarts or the network connection fails during a session, but it also has a performance
# impact.
#PublisherConfirms = false
# Instruct the message broker to persist messages. If using durable queues this ensures that messages will survice
# a restart of the broker.
#PersistMessages = false
# If DynamicQueues is true then a new queue is created on the broker for each session, instead of using a fixed queue
# for each player. Dynamic queues are less reliable in case of network failures, but allows for multiple nodes behind
# a load balancer. The parameters PublisherConfirms, PersistMessages and SkipSetup have no effect on dynamic queues.
# All players must use the same type of queues.
#DynamicQueues = false
# If SkipSetup is false the client will automatically create exchange and queues on the broker. However, if you need
# more control over who can send and receive messages set this to true and configure the broker like this:
#
# First you need to know how to get the player ID of a player. The player ID is computed by first using SHA-256 to
# hash the public key and then base64 URL encode (without padding) the output of the hash function.
#
# 1. Create a direct exchange with the name tsm.direct
# 2. Create a queue for each player with the name tsm.playerID and an x-message-ttl of session timeout + connection timeout
# 3. Bind the queues above to the exchange with the queue name as the binding key
# 4. Grant all users write access to the exchange
# 5. Grant all users read access to their own queue
#SkipSetup = false
# MPC server using Redis to communicate with other players. Cannot be used with other MPC servers.
#
# It's recommended that you restrict what users can do on the Redis server. To create a user 'player0' with
# password 'pw0' for use by a TSM node, you need the following ACL:
#
# ACL SETUSER player0 on >pw0 ~tsm:* +ping +blmpop +rpush +expire
#
# If you have ExpireKeys set to true, you also need to add +expire to the list above.
#[MPCRedisServer]
# URL for the Redis server
# For a local instance with no access control the following URL can be used:
#
# redis://localhost:6379/0
#ServerURL = ""
# Redis pipelining is used when sending messages. This is the maximum number of messages that goes into one pipeline
# before being sent to the Redis server.
#SendBatchSize = 20
# When calling BLMPOP to retrive messages from Redis, this is the maximum number of lists to query in one call.
#ReceiveBatchSize = 20
# This controls how many Redis connections are used for fetching messages from the server.
#MaxMessageReceivers = 30
# Number of sessions that can be running at the same time on this TSM node. If you don't need that many sessions,
# you can lower this number and save a little memory.
#MaxSessions = 10000
# Choose whether keys will automatically expire or not. Under normal operation keys will be deleted once the MPC
# session finishes, but in case of MPC session failure some data might remain.
# Automatically expiring keys are disabled by default since it's normally handled by the servers eviction policy.
#ExpireKeys = false
# Set this to true if you are running a Redis cluster. Only use this if you really need a Redis cluster. In most cases
# you will get much better performance without a cluster.
#ClusterMode = false
# Server accepting connections from the SDK. This must be specified unless the TSM node is running as a local node.
[SDKServer]
# Port number that this server listens on.
Port = 8080
# Points to a file containing a PEM encoded certificate which will be used for this connection. Setting this
# enables the use of HTTPS instead of HTTP.
#CertificateFile = ""
# This contains the Base64 certificate inline instead of giving it in a file in the previous entry.
#CertificateBytes = ""
# The private key corresponding to the certificate above.
#CertificateKeyFile = ""
# This contains the Base64 PKCS#8 private key inline instead of giving it in a file in the previous entry.
#CertificateKeyBytes = ""
# This setting enables multiple instances of the same player to be placed behind a load balancer. Each instance will
# either handle sessions itself or route the traffic to other instances.
#[MultiInstance]
# IP address where this instance can be reached from other the instances. If not specified an auto-detected address is
# used and this might not be the address you want if there are multiple IP addresses associated with the system.
#Address = ""
# SDK port announced to the other nodes. If not specified it defaults to the SDK port from the [SDKServer] section.
#SDKPort = 0
# MPC port announced to the other nodes. If not specified it defaults to the SDK port from the [MPCTCPServer] section.
#MPCPort = 0
# How often should we run a cleanup job that purges old routing entries from the database.
#CleanupInterval = "5m"
# Every CleanupInteval the cleanup job will run with this probability. 0 means never and 100 means always.
#CleanupProbability = 25
# This section is used for initializing the server with values specified in the configuration instead of other sources.
#[Initializers]
# This adds the option to set the wrapping key used for exporting key shares. It will only work if the wrapping key has not already been set
# or generated. This must be an RSA key in a DER encoded PKCS#1 structure.
#WrappingPrivateKey = "BA3E64=="
# The following two entries can be used to bootstrap the node to a specific Administrator name and password. If used, both
# entries must be set in which case the administrator will be created with the specified password. This will only work if
# an administrator have not already been created.
#AdministratorUsername = ""
#AdministratorPassword = ""
# Server used to access various internal performance counters, both Golang and MPC related. Default format is Golang's build-in
# expvar. Can be configured to be Prometheus
#[MetricsServer]
#Port = 10000
#Prometheus = false
# Server used for serving runtime profiling data in the format expected by the pprof visualization tool. This requires
# that the TSM node is compiled with profiling enabled. Only used for internal debugging.
#[ProfilingServer]
#Port = 11000
# Configures system logging for the TSM node.
#[Logging]
# Log level. If not specified it default to "info".
#Level = ""
# If this section is present then certain operations on the TSM node are stored in an audit log. The
# audit log is periodically signed and uploaded to an audit receiver.
#[Audit]
# URL of the audit receiver. Audit logs are sent to this URL using HTTP POST requests.
# Can be a file, HTTP location or s3 location: file://, https://, s3://
#ReceiverURL = ""
# Public key of the audit receiver. This corresponds to the public key in the TLS certificate.
#ReceiverPublicKey = "BA3E64=="
# Private key used to establish a connection to the audit receiver using mTLS.
#ClientPrivateKey = "BA3E64=="
# Log entries are signed before they are uploaded to the audit receiver. This is the 32 byte seed used to generate
# an Ed25519 signing key per RFC-8032.
#LogEntrySigningKeySeed = "BA3E64=="
# Maximum number of audit log entries that are sent in one request.
#MaxBatchSize = 50
# Minimum time to wait before checking for new audit log entries to upload.
#MinWaitTime = "15s"
# Maximum time to wait before checking for new audit log entries to upload.
#MaxWaitTime = "2m"
# When using an S3-compatible API as the ReceiverURL in [Audit], specify any
# non-standard S3 related parameters here
#[Audit.S3EndpointConfig]
# If not using the default S3 endpoint, specify the custom one here
#EndpointURL = ""
# AWS or S3-compatible API region
#Region = ""
# Authorization keys for the S3-compatible API
#SecretAccessKey = ""
#AccessKeyId = ""
#SessionToken = ""
# The configurations below are for the individual MPC protocols supported by the TSM. Comment a protocol to
# disable it. In the following n denotes the total number of players and t is the security threshold.
# Computes ECDSA signatures. This protocol requires n >= 2t+1. Cannot be enabled together with DKLS19.
#[SEPH18S]
# Shortest allowed BIP-32 chain path.
#MinChainPathLength = 0
# Cache size for intermediate public keys when using BIP-32 chain paths.
#Bip32CacheSize = 1024
# Whether or not to allow resharing.
#EnableResharing = false
# Whether or not to allow export of keys under a wrapping key. This is intended to export key shares to replicate the keys on a set of TSM nodes to another set of TSM nodes (same number of nodes). The public keys that can be used for this function must be white listed.
#EnableExport = false
# Whether or not to allow backup of shares. This will export clear backup of shares primiraly intended for backup of single nodes, e.g. on a phone.
#EnableShareBackup = false
# Maximum number of presignatures that can be generated in one request.
#PresigGenRequestLimit = 1000
# Maximum number of presignatures that can be generated concurrently for the entire TSM node.
#PresigGenGlobalLimit = 50000
# Computes ECDSA signatures. This protocol only requires t < n. Cannot be enabled together with SEPH18S.
#[DKLS19]
# Shortest allowed BIP-32 chain path.
#MinChainPathLength = 0
# Cache size for intermediate public keys when using BIP-32 chain paths.
#Bip32CacheSize = 1024
# Whether or not to allow resharing.
#EnableResharing = false
# Whether or not to allow Emergency Recovery Information to be exported. This is intended to extract the whole private key from the system.
#EnableERSExport = false
# Whether or not to allow export of keys under a wrapping key. This is intended to export key shares to replicate the keys on a set of TSM nodes to another set of TSM nodes (same number of nodes). The public keys that can be used for this function must be white listed.
#EnableExport = false
# Whether or not to allow backup of shares. This will export clear backup of shares primarily intended for backup of single nodes, e.g. on a phone.
#EnableShareBackup = false
# Whether or not to allow export of BIP32 seeds.
#EnableBIP32ExportSeed = false
# Maximum number of presignatures that can be generated in one request.
#PresigGenRequestLimit = 100
# Maximum number of presignatures that can be generated concurrently for the entire TSM node.
#PresigGenGlobalLimit = 5000
# Computes Ed25519 and Ed448 signatures. This protocol only requires t < n.
#[SEPD19S]
# Shortest allowed chain path. A chain path is used to derive many keys from a single master key.
#MinChainPathLength = 0
# Whether or not to allow resharing.
#EnableResharing = false
# Whether or not to allow Emergency Recovery Information to be exported. This is intended to extract the whole private key from the system.
#EnableERSExport = false
# Whether or not to allow export of keys under a wrapping key. This is intended to export key shares to replicate the keys on a set of TSM nodes to another set of TSM nodes (same number of nodes). The public keys that can be used for this function must be white listed.
#EnableExport = false
# Whether or not to allow backup of shares. This will export clear backup of shares primarily intended for backup of single nodes, e.g. on a phone.
#EnableShareBackup = false
# Maximum number of presignatures that can be generated in one request.
#PresigGenRequestLimit = 1000
# Maximum number of presignatures that can be generated concurrently for the entire TSM node.
#PresigGenGlobalLimit = 100000
# Computes various RSA signing and encryption. Requires t = 1 and n = 3.
#[SEPH20RSA]
# Computes a pseudo random function based on AES-CTR.
#[SEPH15PRF]
#KeySize = 16
# Computes the ECDH function. This protocol only requires t < n.
#[SEPD20ECDH]
# XOR sharing of byte arrays
#[XorShare]
# Sends a message to all players.
#[Broadcast]
# Maximum size in bytes for a broadcast message.
#MaxMessageLength = 65536
# The following protocols are general MPC protocols. At most one of them can be enabled at the same time. For a given
# protocol choose if it can be used for AES, HMAC or both. When in doubt use MRZ15.
# General MPC protocol for n = 2. Based on https://eprint.iacr.org/2017/189
#[WRK17]
#AES = true
#HMAC = false
#AN10922 = false
#KeySize = 16
#Rho = 40
#BucketSize = 4
# General MPC protocol for n = 3 and t = 1. Based on https://eprint.iacr.org/2015/931
#[MRZ15]
#AES = true
#HMAC = true
#AN10922 = false
#RFC5649 = false
#KeySize = 16
Updated 5 days ago