Catapult: Why do peer nodes need a boot key?

Why do peer nodes require a boot key (private key)?

And do you anticipate that the users (those who host nodes) will enter their private key to host a node?

This isn’t new to Catapult and has always been a source of confusion. I don’t really remember why it was done this way, but I’m sure there was at least some semi-decent reason.
You can boot your node with any valid private key; if you have auto-harvest on, it’ll have to be an account that is known to the network though (not sure if this still applies).
Anyone with some understanding of public-key cryptography will not boot their node with a private key that gives access to an account that holds funds, which of course you already knew 🙂
It is however possible to boot with the private key of a remote account (delegate account), so you can automatically harvest without endangering funds.

The reason is that some requests are authenticated: the node needs to sign the response with the boot key, and the requesting node can check the signature by applying the corresponding public key it got from earlier node discovery (node discovery uses /node/info, which exhibits the public key).

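The exchange described in the answer above, as an added example that is not part of the thread or of Catapult's own code: the node keeps a boot key pair, discovery hands out only the public half (modelled here as a `NodeInfo()` call standing in for /node/info), the node signs its reply, and the requester verifies against the key it learned at discovery time. It assumes standard Ed25519 from Go's standard library; the hash variant Catapult actually uses is not stated on this page.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Node holds the boot key pair. The private half never leaves the node;
// only the public half is disclosed through discovery.
type Node struct {
	bootPriv ed25519.PrivateKey
	bootPub  ed25519.PublicKey
}

// NewNode generates a random boot key, which is what the thread says
// happens when no boot key is configured. It never needs a funded account.
func NewNode() (*Node, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Node{bootPriv: priv, bootPub: pub}, nil
}

// NodeInfo stands in for the /node/info discovery response: just the public key.
func (n *Node) NodeInfo() ed25519.PublicKey { return n.bootPub }

// SignedResponse is what the node returns to an authenticated request.
type SignedResponse struct {
	Payload   []byte
	Signature []byte
}

// Respond signs the response payload with the boot key. Signing only the
// payload (no request binding) is an assumption made for this example.
func (n *Node) Respond(payload []byte) SignedResponse {
	return SignedResponse{Payload: payload, Signature: ed25519.Sign(n.bootPriv, payload)}
}

// VerifyResponse is the requester side: accept the reply only if it verifies
// under the key learned during discovery. The length guard avoids a panic
// on a malformed key received from an untrusted peer.
func VerifyResponse(discoveredPub ed25519.PublicKey, r SignedResponse) bool {
	return len(discoveredPub) == ed25519.PublicKeySize &&
		ed25519.Verify(discoveredPub, r.Payload, r.Signature)
}

func main() {
	node, _ := NewNode()
	pub := node.NodeInfo() // learned once, at discovery
	resp := node.Respond([]byte("constructed peer-list response"))
	fmt.Println("genuine response verifies:", VerifyResponse(pub, resp))
	impostor, _ := NewNode() // different boot key, same payload
	fmt.Println("impostor response verifies:", VerifyResponse(pub, impostor.Respond(resp.Payload)))
}
```

A reply signed by a node whose boot key differs from the one seen at discovery fails verification, which is exactly the property the boot key exists to provide.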

I think creating a block needs a signature.

A block needs a signature, right, but that signature is not created with the boot key of a node. Accounts harvest on a node, the node itself does not harvest.

Surely. I’m wrong. Thank you.

So we can just generate a keypair on behalf of the node without needing the user to enter a key.

If there is no boot key / name configured in the config, a random key will be used and the name of the node will be the corresponding address of the key.