Skip to main content

author_rotateKeys - JSON-RPC Method

Description#

Generates a new set of session keys for validator operations and returns the concatenated public keys as a hexadecimal string. This method is primarily used by network validators when setting up or rotating their session keys, which are essential for block production, GRANDPA finality voting, and other consensus-related activities on the Acala network. The generated keys are stored in the node's keystore and can be set on-chain through a session extrinsic.

Request Example#

curl -s https://api-acala.n.dwellir.com/YOUR_API_KEY -H 'Content-Type: application/json' -d '{"jsonrpc":"2.0","id":1,"method":"author_rotateKeys","params":[]}'

Parameters#

This method accepts no parameters.

Response Format#

Returns a hexadecimal string containing the concatenated public keys for all session key types (AURA, GRANDPA, etc.). This string must be submitted on-chain via the session.setKeys extrinsic to activate the new session keys for validator operations.

Use Cases#

  • Validator Setup: Generate initial session keys when configuring a new validator node
  • Key Rotation: Create new session keys periodically as a security best practice
  • Key Compromise Recovery: Generate replacement keys if existing session keys are suspected to be compromised
  • Multi-Validator Management: Automate key generation for managing multiple validator nodes

Important Notes#

This method requires appropriate node permissions and typically only works on validator nodes with write access to the keystore. Standard RPC endpoints provided by Dwellir do not expose this functionality for security reasons, as it requires local node access. Application developers building on Acala do not need this method - it is exclusively for validator node operators managing their infrastructure.

Security Considerations#

Session keys should be generated on secure, isolated validator infrastructure. Never expose the author_rotateKeys RPC endpoint publicly, as it could allow unauthorized key generation. Always transfer the generated keys to the blockchain via a properly secured controller account using the session.setKeys extrinsic.

  • author_hasKey - Check if a specific key exists in the keystore
  • author_hasSessionKeys - Verify if session keys are present