Architecture

Node management workflow

In SVT, the user manages their validator node by sending commands to the Agent. The user accesses SVT through the HTTPS protocol, then selects and launches a command on the Node Control screen in SVT. The command is encrypted and transmitted to the Agent through a dedicated on-chain messaging channel.

The Agent decrypts the command with the user's device key. The device key authorizes a user's device with the Agent so that the Agent can execute commands coming from it. The key is generated for a specific device, or even a specific browser, and is stored locally.

After decrypting the command, the Agent reports to the InfluxDB database and initializes an Ansible playbook. Two Docker containers are launched, one with the Ansible playbook and the other with a Dozzle logging session for viewing a real-time log of the Ansible playbook execution.

The Ansible playbook is either successfully executed or returns an error. The Agent reports the execution result to the blockchain via an event and to the InfluxDB database. The InfluxDB database then reports the result to SVT, which ultimately displays it in the interface for the user to see.

Real-time logging workflow

When the SVT Agent starts to execute a command, it launches two Docker containers, one with an Ansible playbook and the other with a Dozzle logging session. The user can view the real-time log of the Ansible playbook execution through the Dozzle container while the playbook is active. Once the Ansible playbook has been executed, both containers are shut down.

The Dozzle container is temporarily accessible via a short-lived port and protected with a session key. The user can access it by entering their validator server's IP address and clicking the Show Live Logs button on the Node Control screen in SVT.

The user can also view the real-time log by running docker logs svt-agent in the CLI on the validator server.

Metric collection

SVT has two sources of validator performance data: a monitoring program and a collector service. Both are our proprietary solutions. The monitoring program is installed on the user’s server along with the validator software to collect its performance data. The collector service gathers public data on validator performance and feeds it to SVT.

Local storage

All user settings and keys, including a custom validator monitoring list and device keys, are stored in the browser’s local storage. SVT does not require the user to provide any secret keys or other sensitive data, nor does it have any access to such information.

SSH

Some of the steps in the SVT documentation require that the user SSH to their validator server and communicate with it directly through the CLI.

Key security considerations

  • All data is transmitted in encrypted form through the blockchain (except for command execution logs and public metrics).

  • SVT opens only one public, short-lived port to enable access to the Dozzle logging service while an Agent command is executed.

  • The Dozzle logging session in a Docker container is protected with a session key.

  • All user settings and keys are stored locally. SVT has no access to them.
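
One way for an operator to check the single short-lived port claim on the validator server, as an added example that is not SVT's own code. It assumes the Dozzle container publishes its port through a Docker port mapping; every container name except svt-agent and all port numbers in the sample are constructed.

```shell
#!/usr/bin/env bash
# Added example: list container ports that Docker publishes on all
# interfaces, i.e. ports reachable from outside the validator server.
#
# Input on stdin: one "<name><TAB><ports>" line per container, as printed by
#   docker ps --format '{{.Names}}\t{{.Ports}}'
# Output: one "<name> <host-port>" line per public mapping, sorted.
public_ports() {
  awk -F'\t' '
    {
      n = split($2, maps, /, */)
      for (i = 1; i <= n; i++) {
        m = maps[i]
        # Published mappings contain "->"; exposed-only ports do not.
        if (m !~ /->/) continue
        host = m; sub(/->.*/, "", host)      # e.g. 0.0.0.0:18080
        port = host; sub(/.*:/, "", port)    # e.g. 18080
        addr = substr(host, 1, length(host) - length(port) - 1)
        # Wildcard binds (IPv4 or IPv6) accept traffic on every interface.
        if (addr == "0.0.0.0" || addr == "::" || addr == "[::]")
          seen[$1 " " port] = 1              # dedupe v4/v6 duplicates
      }
    }
    END { for (k in seen) print k }
  ' | sort
}

# Constructed sample of docker ps output while an Agent command is running.
# "logs-example", "local-only" and "exposed-only" are hypothetical names.
sample_ps() {
  printf 'svt-agent\t\n'
  printf 'logs-example\t0.0.0.0:18080->8080/tcp, :::18080->8080/tcp\n'
  printf 'local-only\t127.0.0.1:9000->9000/tcp\n'
  printf 'exposed-only\t8086/tcp\n'
}

# On the validator server, feed it live data instead of the sample:
#   docker ps --format '{{.Names}}\t{{.Ports}}' | public_ports
```

While an Agent command is running, the live output should show a single entry for the log viewer; once the playbook has finished and both containers are shut down, it should be empty. Containers that use host networking do not appear in Docker's port column and need a separate listening-socket check.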
