# Swisstronik v3 Testnet

## Upgrading Swisstronik to 1.0.2

This guide provides instructions for upgrading Swisstronik to 1.0.2 version

**NOTE**: This upgrade including some breaking changes (such as changing denom from `uswtr` to `aswtr`), so it's not possible to perform just a Software Upgrade

### Before upgrade

#### Backup

Before the upgrade, please ensure, that you backuped following folders:

* `.swisstronik`. This is required to be able to rollback upgrade
* `.swisstronik-enclave` folder and `enclave.signed.so` file. This is required to be able to restore encryption key

Also it is recommended to backup `swisstronikd` binary

#### Install Intel SGX DCAP

**Check DCAP Driver**

Ensure that user under which you're running your node has access to SGX, by running the following command:

```sh
groups $USER
```

If you cannot see `sgx` and `sgx_prv` groups, add your user to them:

```sh
sudo groupadd sgx_prv
sudo usermod -a -G sgx_prv $USER
sudo usermod -a -G sgx $USER
```

Then run `groups $USER` again. If groups we're not updated, login again.

**Install DCAP Libraries**

Install required libraries by running the following command:

```sh
curl -fsSL https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | sudo apt-key add -
. /etc/os-release; VERSION_CODENAME=${VERSION_CODENAME}
sudo add-apt-repository -y "deb https://download.01.org/intel-sgx/sgx_repo/ubuntu $VERSION_CODENAME main"
sudo apt-get update
sudo apt-get install -y \
    libsgx-aesm-launch-plugin \
    libsgx-enclave-common \
    libsgx-epid \
    libsgx-launch \
    libsgx-urts \
    libsgx-dcap-ql \
    libsgx-dcap-quote-verify \
    libsgx-dcap-default-qpl	\
    libsgx-quote-ex \
    libsgx-qe3-logic \
    libsgx-uae-service \
    libsgx-aesm-pce-plugin \
    libsgx-pce-logic \
    sgx-aesm-service \
    libsgx-aesm-ecdsa-plugin \
    libsgx-aesm-quote-ex-plugin \
    libsgx-ae-qve

sudo apt upgrade -y
```

**NOTE**: If you have 5th Generation Xeon SP, you have to install additional package:

```sh
sudo apt-get install -y sgx-ra-service
```

**Configure Intel PCCS**

You should configure Intel Quote Provider. Configuration file can be found here:

```
/etc/sgx_default_qcnl.conf
```

Update `pccs_url` value in that file and set it to:

```
"pccs_url": "https://api.trustedservices.intel.com/sgx/certification/v4/"
```

**NOTE**: If you're using Microsoft Azure to run your node, please refer their documentation, to set correct value for `pccs_url`. <https://learn.microsoft.com/en-us/azure/security/fundamentals/trusted-hardware-identity-management>

#### Download and install binaries

Download 1.0.2 binaries:

```sh
wget https://github.com/SigmaGmbH/swisstronik-chain/releases/download/testnet-v1.0.2/swisstronik_1.0.2_amd64.deb.zip
```

Extract downloaded archive and install binary:

```sh
unzip swisstronik_1.0.2_amd64.deb.zip
```

Install extracted deb package:

```sh
sudo dpkg -i swisstronik_1.0.2_amd64.deb
```

**NOTE**: if you have issue with `libsnappy1v5`, install it using:

```sh
sudo apt-get install libsnappy1v5 -y
```

To simplify process, you can copy `v1.0.2_enclave.signed.so` from `/usr/lib` to directory with already existing `enclave.signed.so` file. **DO NOT** replace `enclave.signed.so`, just put updated enclave file in the same folder.

#### Pass Remote Attestation

**NOTE**: Updated binary `swisstronikd_v1.0.2` by default stored in `/usr/local/bin`. Updated enclave file by default stored in `/usr/lib`. \
**NOTE**: `SEED_HOME` env var was renamed to `KEYMANAGER_HOME` and should lead to directory with `.keymanager` (`~/.swisstronik-enclave` by default)

Request encryption keys using one of the following commands:

Using EPID:

```sh
ENCLAVE_HOME=<PATH_TO_ENCLAVE_FILE> KEYMANAGER_HOME=<PATH_TO_SECRETS_DIRECTORY> \ 
swisstronikd_v1.0.2 enclave request-epoch-keys-epid \
rpc.testnet.swisstronik.com:46789
```

Using DCAP:&#x20;

```sh
ENCLAVE_HOME=<PATH_TO_ENCLAVE_FILE> KEYMANAGER_HOME=<PATH_TO_SECRETS_DIRECTORY> \ 
swisstronikd_v1.0.2 enclave request-epoch-keys-dcap \
rpc.testnet.swisstronik.com:46788

```

{% hint style="danger" %}
**NOTE**: Do not replace your current binaries for now, use v1.0.1 `swisstronikd` to run your node
{% endhint %}

\
**Set `halt-height`**

Upgrade will take place at `5430000` block. Set `halt-height` in `~/.swisstronik/config/app.toml` to `5430000` to stop your node on exact height.

**NOTE**: Once you changed `app.toml` file, please restart your validator

**NOTE**: Disable `Restart=always` in your `.service` file and run `sudo systemctl daemon-reload`. Otherwise, your validator will restart and continue produce blocks after halt height.

### During the upgrade

{% hint style="warning" %}
**NOTE**: This part will be executed once block height will reach **`5430000`**. You should wait until that moment.
{% endhint %}

#### Backup

Backup everything again. Please ensure, that you backuped following folders:

* `.swisstronik`. This is required to be able to rollback upgrade
* `.swisstronik-enclave` folder and `enclave.signed.so` file. This is required to be able to restore encryption key

#### Download latest genesis.json

Download `genesis.json` file from v1.0.2 release:&#x20;

<https://github.com/SigmaGmbH/swisstronik-chain/releases/download/testnet-v1.0.2/genesis.json>

```sh
wget https://github.com/SigmaGmbH/swisstronik-chain/releases/download/testnet-v1.0.2/genesis.json
```

#### Update validator

1. Backup `.swisstronik/data/priv_validator_state.json`, `.swisstronik/config/priv_validator_key.json` and `.swisstronik/config/node_key.json`
2. Run `swisstronikd tendermint unsafe-reset-all --keep-addr-book` to clean all states. Also you should remove file `.swisstronik/config/genesis.json.bak`
3. Replace `.swisstronik/config/genesis.json` with downloaded one
4. Update min gas prices in `app.toml` to correct denom. Sample command: `sed -i 's/minimum-gas-prices = "7uswtr"/minimum-gas-prices = "7aswtr"/' ~/.swisstronik/config/app.toml`
5. Restore `.swisstronik/config/priv_validator_key.json` and `.swisstronik/config/node_key.json` and \``` priv_validator_state.json` ``from backup.
6. Set `halt-height` in `.swisstronik/config/app.toml` to `0`
7. Update `.service` file for your validator with updated binaries. Updated binary `swisstronikd_v1.0.2` by default stored in `/usr/local/bin`. Updated enclave file by default stored in `/usr/lib`.
8. Reload daemon `sudo systemctl daemon-reload`
9. Restart your validator

NOTE: `SEED_HOME` env var was renamed to `KEYMANAGER_HOME` and should lead to directory with `.keymanager` (`~/.swisstronik-enclave` by default)

### Troubleshooting&#x20;

#### Cannot find \`swisstronikd\` binary

Download archive with old binaries from release <https://github.com/SigmaGmbH/swisstronik-chain/releases/download/testnet-v1.0.2/old-binaries.zip>

In case of missing `libsgx_wrapper.x86_64.so` copy that file from archive and put it in `/usr/lib` folder


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.swisstronik.com/swisstronik-docs/node-setup/setup-node/testnet/upgrade-your-testnet-node/swisstronik-v3-testnet.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.