Gatekeepers contribute to the security of the decentralized Phala network.
Running a Gatekeeper (GK) in Phala Network means responsibility. You will be accountable for your stake and the stakes of your nominators. That said, your reputation and stake may be slashed if you make mistakes.
Gatekeepers share the same
pRuntime as normal workers (miners). To distinguish gatekeepers, their
IdentityKey public keys are recorded in the
GatekeeperState list on blockchain.
Gatekeepers are elected on blockchain by NPoS mechanism similar to Polkadot. This is done by
Stakingpallet, where nominators can stake their tokens, and vote for their trusted gatekeepers. Once a gatekeeper is elected, both itself and the nominators can get PoS reward from PHA inflation.
MasterKey in Gatekeeper
MasterKey is used to derive the keys to encrypt the states of confidential smart contracts and communicate. In Phala Network, only the
pRuntime of a gatekeeper is authorized to manage the
MasterKey. Noted that since
MasterKey is managed by
pRuntime and its usage is limited, even a malicious gatekeeper cannot decrypt any contract states without fully compromising the TEE and
MasterKey is a
sr25519 key pair generated and managed by gatekeepers.
In the pre-mainnet of Phala Network, all the gatekeepers share the same pre-generated
Through DKG (distributed key generation) more than one gatekeeper is required to produce a
MasterKey, and each gatekeeper only hold a share of this key. When DKG is enabled, the contract key shares are provisioned to the workers (miners) by the gatekeepers separately.