Substrate Developer Hub

Substrate Developer Hub

  • Tutorials
  • Knowledge Base
  • Recipes
  • API Reference
  • Languages iconEnglish
    • 简体中文
    • Help Translate

›Learn Substrate

Getting Started

  • Overview
  • Architecture
  • Installation
  • Getting Started on Windows
  • Glossary

Learn Substrate

  • Extrinsics
  • Transaction Pool
  • Account Abstractions
  • Session Keys
  • Transaction Weight
  • Off-Chain Features

Runtime

  • Runtime Overview
  • Runtime Primitives
  • FRAME
  • Pallets
  • Runtime Macros
  • Runtime Metadata
  • Runtime Storage
  • Runtime Origin
  • Runtime Execution
  • Runtime Events
  • Runtime Errors
  • Transaction Fees
  • Debugging
  • Runtime Tests
  • Runtime Benchmarking
  • On-Chain Randomness
  • Runtime Upgrades

Smart Contracts

  • Overview
  • ink! Smart Contracts
  • ink! Concepts
  • ink! Development
  • Contracts Pallet
  • EVM Pallet
  • ink! F.A.Q.

Integrate

  • Polkadot-JS
  • Client Libraries
  • Chain Specification
  • The Subkey Tool
  • Memory Profiling

Advanced

  • SCALE Codec
  • Consensus
  • The Block Import Pipeline
  • Runtime Executor
  • Cryptography
  • Storage
  • SS58 Address Format
  • Why are there no Hash collections in sp_std?

Contribute

  • Help Translate
Edit

Account Abstractions

Substrate uses multiple sets of public/private key pairs to represent participants of the network.

Overview

Blockchain systems have participants in varying roles, for example from validators to normal users.

As an example, the Substrate node uses a Nominated Proof-of-Stake (NPoS) algorithm to select validators. Validators and nominators may hold significant amounts of funds, so Substrate's Staking pallet introduces account abstractions that help keep funds as secure as possible.

These abstractions are:

  • Stash Key: a Stash account is meant to hold large amounts of funds. Its private key should be as secure as possible in a cold wallet.
  • Controller Key: a Controller account signals choices on behalf of the Stash account, like payout preferences, but should only hold a minimal amount of funds to pay transaction fees. Its private key should be secure as it can affect validator settings, but will be used somewhat regularly for validator maintenance.
  • Session Keys: these are "hot" keys kept in the validator client and used for signing certain validator operations. They should never hold funds.

Note: Learn more about validators and nominators in the context of the Substrate's NPoS Staking pallet.

Account Keys

A key pair can represent an account and control funds, like normal accounts that you would expect from other blockchains. In the context of Substrate's Balances pallet, these accounts must have a minimum amount (an "existential deposit") to exist in storage.

Account keys are defined generically and made concrete in the runtime.

To continue with our example of Stash and Controller accounts, the keys to these accounts are distinguished by their intended use, not by any underlying cryptographic difference. When creating Stash or Controller keys, all cryptography supported for normal account keys are also supported.

Stash Keys

The Stash keys are the public/private key pair that defines a Stash account. This account is like a "savings account" in that you should not make frequent transactions from it. Therefore, its private key should be treated with the utmost security, for example protected in a safe or layers of hardware security.

Since the Stash key is kept offline, it designates a Controller account to make non-spending decisions with the weight of the Stash account's funds. It can also designate a Proxy account to vote in governance on its behalf.

Controller Keys

The Controller keys are the public/private key pair that defines a Controller account. In the context of Substrate's NPoS model, the Controller key will signal one's intent to validate or nominate.

The Controller key is used to set preferences like the rewards destination and, in the case of validators, to set their Session keys. The Controller account only needs to pay transaction fees, so it only needs a minimal amount of funds.

The Controller key can never be used to spend funds from its Stash account. However, actions taken by the Controller can result in slashing, so it should still be well secured.

Next Steps

Learn More

  • Learn more about Session Keys in the next section.
  • Learn about the cryptography used within Substrate.

Examples

  • Follow our tutorial to create a local network and generate keys.

References

  • Visit the reference docs for the session keys runtime API.

  • Take a look at the default session keys in the Substrate node runtime.

Last updated on 4/9/2021 by sacha-l
← Transaction PoolSession Keys →
  • Overview
  • Account Keys
    • Stash Keys
    • Controller Keys
  • Next Steps
    • Learn More
    • Examples
    • References
Substrate Developer Hub
Developer Hub
TutorialsKnowledge BaseRecipesAPI Reference
Community
Community HomeNewsletterSubstrate Technical ChatSubstrate SeminarStack OverflowTwitterEvents
More
Substrate Builders ProgramBlogSubstrate GitHubDeveloper Hub GitHubPrivacy PolicyTerms of UseCookie Settings
Copyright © 2021 Parity Technologies