← 返回 Skills 市场
Ika Operator
作者
Omer Sadika
· GitHub ↗
· v1.0.0
· MIT-0
143
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install ika-operator
功能描述
Guide for operating Ika network nodes - validators, fullnodes, and notifiers. Use when deploying, configuring, monitoring, or troubleshooting Ika infrastruct...
使用说明 (SKILL.md)
Ika Node Operator Guide
Deploy and operate Ika network nodes (validators, fullnodes, notifiers).
References (detailed configuration and operations)
references/configuration.md- Complete NodeConfig YAML reference, all fields with defaultsreferences/operations.md- Deployment, monitoring, admin API, recovery, metrics proxyreferences/validator-setup.md- Step-by-step mainnet validator setup with CLI commands
Node Types
| Binary | Mode | Purpose | Key Config |
|---|---|---|---|
ika-node |
Auto-detect | Selects mode from config | Detects automatically |
ika-validator |
Validator | Consensus + MPC signing | Requires consensus-config |
ika-fullnode |
Fullnode | State sync via P2P, no consensus | No consensus-config, no notifier-client-key-pair |
ika-notifier |
Notifier | Submits checkpoints to Sui | Requires notifier-client-key-pair |
Auto-detection order: consensus-config present → Validator; else notifier-client-key-pair present → Notifier; else → Fullnode.
Hardware Requirements (Validator)
| Resource | Minimum |
|---|---|
| CPU | 16 physical cores / 16 vCPUs |
| Memory | 128 GB |
| Storage | 4 TB NVMe |
| Network | 1 Gbps |
| OS | Linux Ubuntu/Debian x64 (or Docker on x64 Linux) |
Warning: Hetzner has strict crypto ToS and may close validators without notice.
Connectivity (Validator Ports)
| Protocol/Port | Direction | Purpose |
|---|---|---|
| TCP/8080 | Inbound | Protocol / Transaction Interface |
| UDP/8081 | Inbound/Outbound | Consensus Interface |
| UDP/8084 | Inbound/Outbound | Peer-to-Peer State Sync |
| TCP/8443 | Outbound | Metrics Pushing |
| TCP/9184 | Inbound/Outbound | Metrics Scraping (both Sui fullnode and Ika node) |
Critical: Ports 8080-8084 and 9184 must be open with correct protocols (TCP/UDP).
Prerequisites
- DNS address for your validator (e.g.,
ika-mainnet-1.\x3Cyour-domain>) - Your own Sui fullnode on Sui mainnet, fully synced (at least 2 latest epochs). Use separate DNS for Sui node.
- Sui CLI installed, configured for mainnet, active address with at least 10 SUI
- Minimum 40 million IKA stake to join the committee
Quick Start: Mainnet Validator
Download binaries from: https://github.com/dwallet-labs/ika/releases
Step 1: Configure Ika Environment
Get the latest package/object IDs from the canonical source:
- Mainnet:
deployed_contracts/mainnet/address.yaml(GitHub) - Testnet:
deployed_contracts/testnet/address.yaml(GitHub)
./ika validator config-env \
--ika-package-id \x3Cika_package_id> \
--ika-common-package-id \x3Cika_common_package_id> \
--ika-dwallet-2pc-mpc-package-id \x3Cika_dwallet_2pc_mpc_package_id> \
--ika-system-package-id \x3Cika_system_package_id> \
--ika-system-object-id \x3Cika_system_object_id>
# Creates: ~/.ika/ika_config/ika_sui_config.yaml
# Note: ika-dwallet-coordinator-object-id is not set at this stage (defaults to zero);
# it must be configured later in the node's validator.yaml under sui-connector-config.
Step 2: Generate Validator Info & Keys
./ika validator make-validator-info \
"My Validator" "Description" \
"https://example.com/image.png" "https://example.com" \
"ika-mainnet-1.example.com" \
10000 \
\x3CYOUR_SUI_ADDRESS>
# Generates: protocol.key, network.key, consensus.key, root-seed.key, validator.info
CRITICAL: Back up ALL generated keys. root-seed.key is SECRET and IRREPLACEABLE. If lost, it cannot be updated via contract. Other keys (protocol, network, consensus) can be rotated on-chain.
Step 3: Register as Validator Candidate
./ika validator become-candidate ./validator.info
# Returns: Validator ID, Validator Cap ID, Validator Operation Cap ID, and Validator Commission Cap ID
Step 4: Stake into Validator
Stake at least 40 million IKA via: https://ika-mainnet-validators-staking.pages.dev/
Verify your Validator ID matches the CLI output.
Step 5: Join Committee
./ika validator join-committee --validator-cap-id \x3CVALIDATOR_CAP_ID>
You become a pending validator and join the committee at the next epoch.
Step 6: Run the Validator Node
Directory structure:
/opt/ika/
├── bin/ika-node
├── config/validator.yaml
├── key-pairs/
│ ├── protocol.key
│ ├── network.key
│ ├── consensus.key
│ └── root-seed.key
└── db/ # Created at runtime
├── authorities_db/
└── consensus_db/
Before running, edit validator.yaml:
- Set
ika-dwallet-coordinator-object-idto the value fromdeployed_contracts/mainnet/address.yaml - Ensure:
sui-chain-identifier: mainnet - Set metrics:
push-url: "https://mainnet.metrics.ika-network.net:8443/publish/metrics"
ika-node --config-path /opt/ika/config/validator.yaml
Logging: Set RUST_LOG for log levels, RUST_LOG_JSON=1 for JSON output.
Step 7: Verify
Wait a couple minutes, check logs for:
ika_core::checkpoints: Creating checkpoint(s) for 0 messages next_checkpoint_seq=1
This confirms the node is running. Additional checkpoints appear only during/after MPC sessions.
Package & Object IDs
Always get the latest IDs from the canonical source files in the repo:
- Mainnet:
deployed_contracts/mainnet/address.yaml(GitHub) - Testnet:
deployed_contracts/testnet/address.yaml(GitHub)
Keypairs
| Key | Type | Purpose | Required By | Recoverable? |
|---|---|---|---|---|
protocol-key-pair |
AuthorityKeyPair | Protocol signatures | All | Yes (rotate on-chain) |
consensus-key-pair |
Ed25519 | Consensus communication | All | Yes (rotate on-chain) |
network-key-pair |
Ed25519 | P2P networking | All | Yes (rotate on-chain) |
account-key-pair |
SuiKeyPair | Sui interactions | All | Yes |
root-seed-key-pair |
RootSeed | MPC cryptographic operations | Validators | NO - IRREPLACEABLE |
notifier-client-key-pair |
SuiKeyPair | Submit checkpoints to Sui | Notifiers | Yes |
Validator Config Essentials
# Mainnet validator must have:
sui-connector-config:
sui-chain-identifier: mainnet
sui-rpc-url: 'http://\x3Cyour-sui-fullnode>:9000'
# Get all IDs from deployed_contracts/mainnet/address.yaml
ika-package-id: '\x3Cfrom address.yaml>'
ika-dwallet-coordinator-object-id: '\x3Cfrom address.yaml>'
# ... other package/object IDs
consensus-config: # Presence triggers validator mode
db-path: '/opt/ika/consensus_db'
db-retention-epochs: 0
db-pruner-period-secs: 3600
max-pending-transactions: 20000
root-seed-key-pair:
path: /opt/ika/key-pairs/root-seed.key
metrics:
push-url: "https://mainnet.metrics.ika-network.net:8443/publish/metrics"
Admin API (localhost only)
curl http://127.0.0.1:1337/logging # View log filter
curl -X POST 'http://127.0.0.1:1337/enable-tracing?filter=debug&duration=10s'
curl -X POST http://127.0.0.1:1337/reset-tracing # Reset to env var
curl http://127.0.0.1:1337/node-config # View config (keys masked)
curl http://127.0.0.1:1337/capabilities # View capabilities
Environment Variables
| Variable | Purpose | Default |
|---|---|---|
IKA_CONFIG_DIR |
Override config directory | ~/.ika/ika_config/ |
RUST_LOG |
Log level filter | — |
RUST_LOG_JSON |
JSON log output (1 to enable) |
— |
TRACE_FILTER |
Tracing log filter | — |
Services by Node Type
| Service | Validator | Fullnode | Notifier |
|---|---|---|---|
| AuthorityState | Y | Y | Y |
| ConsensusManager | Y | — | — |
| DWalletMPCService | Y | — | — |
| SuiConnectorService | Y | Y | Y |
| CheckpointServices | Y | Y | Y |
| P2P + StateSync | Y | Y | Y |
| Discovery | Y | Y | Y |
Key Operational Notes
- Release mode required: Always build with
--releasefor crypto operations - Sui fullnode required: Run your own Sui fullnode, fully synced (2+ latest epochs)
- Package IDs must match: Contract IDs in config must match deployed contracts
- Minimum stake: 40 million IKA to join the committee
- Root seed is sacred: Back it up securely. Cannot be regenerated or rotated on-chain.
- Updates: Monitor
#nodes-updates-mainnetchannel for new releases - Recovery: Use
--run-with-range-epochor--run-with-range-checkpointfor disaster recovery - Checkpoint pinning: Use
pinned-dwallet-checkpointsin state-sync config for fork recovery - Graceful shutdown: Send
SIGTERMorSIGINT
安全使用建议
This guide appears to be what it claims: an operator manual for Ika nodes. Before using it, verify the ika binaries you install come from the official GitHub releases referenced in the docs. Treat any commands that remove directories (rm -rf) or change event cursors as destructive — run them only with backups in place. Keep all generated keys (especially root-seed.key) offline and backed up. Be cautious when configuring metrics remote-write URLs or state-archive object stores: those configs can contain credentials (AWS keys, usernames/passwords) and will transmit data to the configured endpoints. Confirm any external endpoints (metrics push URL, staking portal) are legitimate and under your control; do not paste secrets into example endpoints. Finally, because this is instruction-only, the skill itself cannot exfiltrate secrets automatically, but following its instructions could cause data exposure if misconfigured — proceed only if you (or your operator) understand and control the targets and secrets involved.
功能分析
Type: OpenClaw Skill
Name: ika-operator
Version: 1.0.0
The skill bundle provides a comprehensive and legitimate guide for operating Ika network infrastructure, including validators and fullnodes. It contains detailed configuration references, hardware requirements, and step-by-step operational procedures that align perfectly with its stated purpose. While the instructions involve high-risk activities such as managing sensitive cryptographic keys (e.g., `root-seed.key`) and executing binaries, these are standard requirements for blockchain node operations and are directed toward official project resources (e.g., `github.com/dwallet-labs/ika` and `ika.xyz`). No evidence of malicious intent, data exfiltration, or prompt injection was found.
能力评估
Purpose & Capability
Name/description map to the requested binaries and files: 'ika' and 'sui' are reasonable requirements for operating Ika nodes and integrating with Sui. No unrelated credentials, installs, or binaries are requested.
Instruction Scope
The SKILL.md and reference docs stay within node operator scope (configuring, key generation, running, monitoring, and recovery). They do include destructive recovery commands (rm -rf on DB paths) and admin actions (key backups, event cursor overrides) that are expected for ops but are sensitive and should only be executed intentionally. The docs also instruct pushing metrics to external endpoints and show examples that include credentials—these are operational but could leak data if misconfigured.
Install Mechanism
This is an instruction-only skill with no install spec and no downloadable archives; it does not write code to disk or fetch remote packages as part of installation, which is low-risk for install mechanism.
Credentials
The registry metadata declares no required environment variables and no primary credential. However, the configuration examples contain optional fields that accept sensitive secrets (AWS access keys, metrics proxy username/password, certificate/private-key paths). Those fields are legitimate for node operators but are optional; there is no unexplained request for unrelated credentials in the skill metadata.
Persistence & Privilege
always:false and user-invocable:true (defaults) — no elevated persistence requested. The skill is instruction-only and does not modify other skills or agent-wide settings.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install ika-operator - 安装完成后,直接呼叫该 Skill 的名称或使用
/ika-operator触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Release v1.0.0
元数据
常见问题
Ika Operator 是什么?
Guide for operating Ika network nodes - validators, fullnodes, and notifiers. Use when deploying, configuring, monitoring, or troubleshooting Ika infrastruct... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 143 次。
如何安装 Ika Operator?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install ika-operator」即可一键安装,无需额外配置。
Ika Operator 是免费的吗?
是的,Ika Operator 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Ika Operator 支持哪些平台?
Ika Operator 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Ika Operator?
由 Omer Sadika(@omersadika)开发并维护,当前版本 v1.0.0。
推荐 Skills