updated JWT page and consensus_layer

erigontech · Oct 28, 2024 · 811c76e · 811c76e
1 parent ffeeccf
commit 811c76e
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 1 deletion.
diff --git a/src/advanced/block-prod.md b/src/advanced/block-prod.md
@@ -36,7 +36,7 @@ Enabling the Beacon API will lead to a 6 GB higher RAM usage.
 For example, if you want to run Erigon + Caplin as a validator here following is the Erigon command:
 
 ```bash
-./build/bin/erigon --internalcl --chain=holesky --prune=hrtc --beacon.api=beacon,builder,config,debug,node,validator,lighthouse
+./build/bin/erigon --chain=holesky --prune.mode=full --beacon.api=beacon,builder,config,debug,node,validator,lighthouse
 ```
 
 While here the command for Lighthouse would look like*:

diff --git a/src/advanced/consensus_layer.md b/src/advanced/consensus_layer.md
@@ -9,6 +9,9 @@ The execution client listens to new transactions, executes them in the Ethereum
 The consensus client, also known as the *Beacon Node* or *CL client*, implements the Proof-of-Stake consensus algorithm, which enables the network to achieve agreement based on validated data from the execution client. Both clients work together to keep track of the head of the Ethereum chain and allow users to interact with the Ethereum network.
 
 <div class="warning">
+
+**Information**
+
 By default, Erigon is configured to run with Caplin, the embedded Consensus Layer.
 </div>
 

diff --git a/src/advanced/jwt.md b/src/advanced/jwt.md
@@ -1 +1,19 @@
 # JWT secret
+
+The JWT secret is a key that allows Ethereum entities to securely validate JWTs used for authentication, authorization, and transmitting information, like a passphrase that allows Ethereum nodes/servers to verify if requests are legitimate. It should be protected and not exposed publicly.
+
+JWT stands for **JSON Web Token**, and it is a way to securely transmit information between parties as a JSON object. The JWT contains a header, payload, and signature, generated by encrypting the header and payload with a secret.
+
+In Ethereum, JWTs can be used to validate transactions or API calls. The Ethereum node or API server would have the JWT secret stored locally. When a JWT is received, the node/server uses the same secret to generate a signature from the header and payload.
+
+If the newly generated signature matches the one in the JWT, it proves the JWT is valid and comes from an authorized source in possession of the secret. Different nodes/servers would have different secrets allowing them to verify the JWTs intended for them.
+
+More information here: <https://github.com/ethereum/execution-apis/blob/main/src/engine/authentication.md>
+
+# Erigon JWT secret
+
+Erigon creates automatically a JWT secret upon launch. 
+
+By default, the JWT secret key is located in the datadir as `jwt.hex`, and its path can be specified with the `--authrpc.jwtsecret` flag.
+
+Both Erigon and any external Consensus Layer need to point to the same JWT secret file.