API Reference¶

Packages¶

core.paladin.io/v1alpha1

core.paladin.io/v1alpha1¶

Package v1alpha1 contains API Schema definitions for the core v1alpha1 API group

Resource Types¶

Besu
BesuGenesis
BesuGenesisList
BesuList
Paladin
PaladinDomain
PaladinDomainList
PaladinList
PaladinRegistration
PaladinRegistrationList
PaladinRegistry
PaladinRegistryList
SmartContractDeployment
SmartContractDeploymentList
TransactionInvoke
TransactionInvokeList

AuthConfig¶

Field	Description	Default	Validation
`authMethod` AuthMethod	auth method to use for the connection		Enum: [secret]
`authSecret` AuthSecret	SecretAuth is used to provide the name of the secret to use for authentication

AuthMethod¶

Underlying type: string

Appears in: - AuthConfig

Field	Description
`secret`

AuthSecret¶

Appears in: - AuthConfig

Field	Description	Default	Validation
`name` string	The name of the secret to use for authentication

Besu¶

Besu is the Schema for the besus API

Appears in: - BesuList

Field	Description	Default	Validation
`apiVersion` string	`core.paladin.io/v1alpha1`
`kind` string	`Besu`
`metadata` ObjectMeta	Refer to Kubernetes API documentation for fields of `metadata`.
`spec` BesuSpec

BesuGenesis¶

BesuGenesis is the Schema for the besugeneses API

Appears in: - BesuGenesisList

Field	Description	Default	Validation
`apiVersion` string	`core.paladin.io/v1alpha1`
`kind` string	`BesuGenesis`
`metadata` ObjectMeta	Refer to Kubernetes API documentation for fields of `metadata`.
`spec` BesuGenesisSpec

BesuGenesisList¶

BesuGenesisList contains a list of BesuGenesis

Field	Description	Default	Validation
`apiVersion` string	`core.paladin.io/v1alpha1`
`kind` string	`BesuGenesisList`
`metadata` ListMeta	Refer to Kubernetes API documentation for fields of `metadata`.
`items` BesuGenesis array

BesuGenesisSpec¶

BesuGenesisSpec defines the desired state of BesuGenesis All Besu nodes must be bound to a genesis, and will attempt to peer with any other nodes in the same namespace using the same genesis.

Appears in: - BesuGenesis

Field	Description	Validation
`base` string	Base JSON genesis file will be loaded in and then modified as appropriate. Note only modelled fields of the genesis are supported, so check besugenesis.GenesisJSON for support of the field you wish to modify
`chainID` integer	The chain ID - must not change after creation without chain reset
`gasLimit` integer	The initial gas limit - must not change after creation without chain reset (node config be used to increase gas limit incrementally in new blocks)
`consensus` string		Enum: [qbft]
`blockPeriod` string	Block period can be in seconds (s) or milliseconds - cannot be changed once set (used in genesis generation)
`emptyBlockPeriod` string	EmptyBlockPeriod period will be rounded to seconds regardless of units used
`initialValidators` string array	List of nodes that are included in the genesis block validators. The CRs for these must created for the genesis to form, as it requires the identity secrets of those nodes. Cannot be changed once set (used in genesis generation).

BesuList¶

BesuList contains a list of Besu

Field	Description	Default	Validation
`apiVersion` string	`core.paladin.io/v1alpha1`
`kind` string	`BesuList`
`metadata` ListMeta	Refer to Kubernetes API documentation for fields of `metadata`.
`items` Besu array

BesuSpec¶

BesuSpec defines the desired state of Besu

Appears in: - Besu

Field	Description	Default	Validation
`config` string	Settings from this config will be loaded as TOML and used as the base of the configuration.
`genesis` string	The name of the genesis CR that these nodes will use to obtain their genesis file, and find bootnodes
`pvcTemplate` PersistentVolumeClaimSpec
`service` ServiceSpec	Optionally tune the service definition. We merge any configuration you add (such as node ports) for the following services: "rpc-http" - 8545 (TCP), "rpc-ws" - 8546 (TCP), "graphql-http" - 8547 (TCP), "p2p-tcp" - 30303 (TCP), "p2p-udp" - 30303 (UDP)

ContactDependenciesStatus¶

Appears in: - SmartContractDeploymentStatus - TransactionInvokeStatus

Field	Description	Default	Validation
`contractDepsSummary` string
`resolvedContractAddresses` object (keys:string, values:string)

Database¶

Database configuration

Appears in: - PaladinSpec

Field	Description	Default	Validation
`mode` string		preConfigured	Enum: [preConfigured sidecarPostgres embeddedSQLite]
`migrationMode` string		preConfigured	Enum: [preConfigured auto]
`passwordSecret` string	If set then {{.username}} and {{.password}} variables will be available in your DSN
`pvcTemplate` PersistentVolumeClaimSpec

DomainReference¶

Each domain reference can select one or more domains to include via label selectors Most common to use a simple one-reference-per-domain approach.

Appears in: - PaladinSpec

Field	Description	Default	Validation
`labelSelector` LabelSelector	Label selectors provide a flexible many-to-many mapping between nodes and domains in a namespace. The domain CRs you reference must be labelled to match. For example you could use a label like "paladin.io/domain-name" to select by name.

EVMRegistryConfig¶

Appears in: - PaladinRegistrySpec

Field	Description	Default	Validation
`smartContractDeployment` string	Reference to a SmartContractDeployment CR that is used to deploy the registry
`contractAddress` string	If you have separately deployed the registry, supply the registry address directly

LabelReference¶

Appears in: - DomainReference - RegistryReference

Field	Description	Default	Validation
`labelSelector` LabelSelector	Label selectors provide a flexible many-to-many mapping between nodes and domains in a namespace. The domain CRs you reference must be labelled to match. For example you could use a label like "paladin.io/domain-name" to select by name.

Paladin¶

Paladin is the Schema for the paladin API

Appears in: - PaladinList

Field	Description	Default	Validation
`apiVersion` string	`core.paladin.io/v1alpha1`
`kind` string	`Paladin`
`metadata` ObjectMeta	Refer to Kubernetes API documentation for fields of `metadata`.
`spec` PaladinSpec

PaladinDomain¶

PaladinDomain is the Schema for the paladindomains API

Appears in: - PaladinDomainList

Field	Description	Default	Validation
`apiVersion` string	`core.paladin.io/v1alpha1`
`kind` string	`PaladinDomain`
`metadata` ObjectMeta	Refer to Kubernetes API documentation for fields of `metadata`.
`spec` PaladinDomainSpec

PaladinDomainList¶

PaladinDomainList contains a list of PaladinDomain

Field	Description	Default	Validation
`apiVersion` string	`core.paladin.io/v1alpha1`
`kind` string	`PaladinDomainList`
`metadata` ListMeta	Refer to Kubernetes API documentation for fields of `metadata`.
`items` PaladinDomain array

PaladinDomainSpec¶

PaladinDomainSpec defines the desired state of PaladinDomain

Appears in: - PaladinDomain

Field	Description	Default	Validation
`smartContractDeployment` string	Reference to a SmartContractDeployment CR that is used to deploy a new registry contract
`registryAddress` string	If you have separately deployed the registry for this domain, supply the registry address directly
`plugin` PluginConfig	Details of the plugin to load for the domain
`allowSigning` boolean	Whether the code inside of this domain is allowed to perform processing using in-memory key materials. Required when Zero Knowledge Proof (ZKP) generation is being co-located with the Paladin core process for domains like Zeto.
`configJSON` string	JSON configuration specific to the individual domain

PaladinList¶

PaladinList contains a list of Paladin

Field	Description	Default	Validation
`apiVersion` string	`core.paladin.io/v1alpha1`
`kind` string	`PaladinList`
`metadata` ListMeta	Refer to Kubernetes API documentation for fields of `metadata`.
`items` Paladin array

PaladinRegistration¶

PaladinRegistration is the Schema for the paladinregistrations API

Appears in: - PaladinRegistrationList

Field	Description	Default	Validation
`apiVersion` string	`core.paladin.io/v1alpha1`
`kind` string	`PaladinRegistration`
`metadata` ObjectMeta	Refer to Kubernetes API documentation for fields of `metadata`.
`spec` PaladinRegistrationSpec

PaladinRegistrationList¶

PaladinRegistrationList contains a list of PaladinRegistration

Field	Description	Default	Validation
`apiVersion` string	`core.paladin.io/v1alpha1`
`kind` string	`PaladinRegistrationList`
`metadata` ListMeta	Refer to Kubernetes API documentation for fields of `metadata`.
`items` PaladinRegistration array

PaladinRegistrationSpec¶

PaladinRegistrationSpec defines the desired state of PaladinRegistration

Appears in: - PaladinRegistration

Field	Description	Default	Validation
`registry` string	Reference to the Registry CR - must be of type "evm" for the registration to process
`registryAdminNode` string	The node to use to submit the registration with access to the admin key
`registryAdminKey` string	The key to use to sign the transactions
`node` string	The node to publish the registration for - owns its registration key
`nodeAdminKey` string	The key to use on the node to publish its endpoint information
`transports` string array	The transports to publish - we'll wait for them to become available, in the order specified here

PaladinRegistry¶

PaladinRegistry is the Schema for the paladinregistries API

Appears in: - PaladinRegistryList

Field	Description	Default	Validation
`apiVersion` string	`core.paladin.io/v1alpha1`
`kind` string	`PaladinRegistry`
`metadata` ObjectMeta	Refer to Kubernetes API documentation for fields of `metadata`.
`spec` PaladinRegistrySpec

PaladinRegistryList¶

PaladinRegistryList contains a list of PaladinRegistry

Field	Description	Default	Validation
`apiVersion` string	`core.paladin.io/v1alpha1`
`kind` string	`PaladinRegistryList`
`metadata` ListMeta	Refer to Kubernetes API documentation for fields of `metadata`.
`items` PaladinRegistry array

PaladinRegistrySpec¶

PaladinRegistrySpec defines the desired state of PaladinRegistry

Appears in: - PaladinRegistry

Field	Description	Default	Validation
`type` RegistryType		evm	Enum: [evm]
`evm` EVMRegistryConfig	Config specific to EVM based registry
`transports` RegistryTransportsConfig	Optionally adjust how the transport configuration works
`plugin` PluginConfig	Details of the plugin to load for the domain
`configJSON` string	JSON configuration specific to the individual registry

PaladinSpec¶

PaladinSpec defines the desired state of Paladin

Appears in: - Paladin

Field	Description	Default	Validation
`config` string	Settings from this config will be loaded as YAML and used as the base of the configuration.
`database` Database	Database section k8s native functions for setting up the database with auto-generation/auto-edit of the DB related config sections
`secretBackedSigners` SecretBackedSigner array	Adds signing modules that load their key materials from a k8s secret
`besuNode` string	Optionally bind to a local besu node deployed with this operator (vs. configuring a connection to a production blockchain network)
`authConfig` AuthConfig	AuthConfig is used to provide authentication details for blockchain connections If this is set, it will override the auth details in the config
`service` ServiceSpec	Optionally tune the service definition. We merge any configuration you add (such as node ports) for the following services: "rpc-http" - 8545 (TCP), "rpc-ws" - 8546 (TCP)
`domains` DomainReference array	A list of domains to merge into the configuration, and rebuild the config of paladin when this list changes
`registries` RegistryReference array	A list of registries to merge into the configuration, and rebuild the config of paladin when this list changes
`transports` TransportConfig array	Transports are configured individually on each node, as they reference security details specific to that node

PluginConfig¶

Appears in: - PaladinDomainSpec - PaladinRegistrySpec - TransportConfig

Field	Description	Validation
`type` string	The library type to load	Enum: [c-shared jar]
`library` string	The location of the library - do not include the "lib" prefix or the ".so" suffix for shared libraries
`class` string	For Java only, the name of the class to load from the Jar

RegistryReference¶

Each registry reference can select one or more domains to include via label selectors Most common to use a simple one-reference-per-domain approach.

Appears in: - PaladinSpec

Field	Description	Default	Validation
`labelSelector` LabelSelector	Label selectors provide a flexible many-to-many mapping between nodes and domains in a namespace. The domain CRs you reference must be labelled to match. For example you could use a label like "paladin.io/domain-name" to select by name.

RegistryTransportsConfig¶

Appears in: - PaladinRegistrySpec

Field	Description	Default
`enabled` boolean	If true, then this registry will be used for lookup of node transports	true
`requiredPrefix` string	Prefix if set that will be matched and cut from any supplied lookup node name before performing a lookup. If it does not match (or matches the whole lookup) then this registry will not be used to lookup the node. This allows multiple registries to be used safely for different private node connectivity networks without any possibility of clashing node names.
`hierarchySplitter` string	By default the whole node name must match a root entry in the registry. If a hierarchySplitter is provided (such as ".") then the supplied node name will be split into path parts and each entry in the hierarchy will be resolved in order, from the root down to the leaf.
`propertyRegexp` string	If a node is found, then each property name will be applied to this regular expression, and if it matches then the value of the property will be considered a set of transport details. The transport name must be extracted as a match group. For example the default is: propertyRegexp: "^transport.(.*)$" This will match a property called "transport.grpc" as the transport details for the grpc transport.
`transportMap` object (keys:string, values:string)	Optionally add entries here to map from the name of a transport as stored in the registry, to the name in your local configuration. This allows you to use different configurations (MTLS certs etc.) for different private node networks that all use the same logical transport name.

RegistryType¶

Underlying type: string

Appears in: - PaladinRegistrySpec

Field	Description
`evm`

SecretBackedSigner¶

Appears in: - PaladinSpec

Field	Description	Default	Validation
`secret` string
`name` string			Pattern: `^[a-z0-9]([-a-z0-9]*[a-z0-9])?$`
`type` string	The operator supports generating the seed and base config for a simple seeded BIP32 HDWallet signer. If more other options are needed, these can be set directly in the YAML config for this signer.	autoHDWallet	Enum: [autoHDWallet preConfigured]
`keySelector` string	Wallets will be evaluated against new allocations of key identifiers in the order they are defined. The key selector regular expression allows wallets to sub-select, with more specific rules first on key matching and more generic rules (like the default of ".*") last.	.*

SmartContractDeployment¶

SmartContractDeployment is the Schema for the smartcontractdeployments API

Appears in: - SmartContractDeploymentList

Field	Description	Default	Validation
`apiVersion` string	`core.paladin.io/v1alpha1`
`kind` string	`SmartContractDeployment`
`metadata` ObjectMeta	Refer to Kubernetes API documentation for fields of `metadata`.
`spec` SmartContractDeploymentSpec

SmartContractDeploymentList¶

SmartContractDeploymentList contains a list of SmartContractDeployment

Field	Description	Default	Validation
`apiVersion` string	`core.paladin.io/v1alpha1`
`kind` string	`SmartContractDeploymentList`
`metadata` ListMeta	Refer to Kubernetes API documentation for fields of `metadata`.
`items` SmartContractDeployment array

SmartContractDeploymentSpec¶

SmartContractDeploymentSpec defines the desired state of SmartContractDeployment

Appears in: - SmartContractDeployment

Field	Description	Default	Validation
`requiredContractDeployments` string array	This CR will wait for the deployment of all contracts in this list, before parsing the bytecode for deployment. This allows unlinked dependencies to be linked before deployment.
`node` string	The node to use to deploy - reference to a PaladinNode CR
`txType` string	Type of transaction to submit to Paladin	public	Enum: [public private]
`domain` string	Domain for private transactions
`abiJSON` string	The ABI of the smart contract - provides the constructor parameter definition
`bytecode` string	The bytecode of the smart contract
`from` string	Reference to the signing key to use to deploy
`paramsJSON` string	JSON parameter data (array, object, or empty if no params)
`linkReferencesJSON` string	Unlinked contracts have list of the references that need to be resolve, alongside the bytecode
`linkedContracts` object (keys:string, values:string)	If the bytecode is unlinked, then this map will be used to resolve the dependencies. The keys in the map are the library name, which can be optionally fully qualified with the syntax FileName.sol:LibName. An entry must be provided for every unlinked dependency, or the CR will not perform a deployment. The values are evaluated as go templates, with access to the CR. So you can refer to .status.resolvedContractAddresses in the values via go templating. See https://docs.soliditylang.org/en/latest/using-the-compiler.html#library-linking for detail

StatusPhase¶

Underlying type: string

Appears in: - Status

Field	Description
`Pending`
`Ready`
`Failed`
`Unknown`

TLSConfig¶

Appears in: - TransportConfig

Field	Description	Default
`secretName` string	Secret name is required
`certName` string	If specified then a cert-manager.io/v1 Certificate will be created for the internal DNS names of the service. If you define multiple transports that share a secret, then only specify this on one.
`issuer` string	Issuer for the certificate if a certificateName is specified (note cluster issuer can be used with a custom certSpecTemplate)	selfsigned-issuer
`additionalDNSNames` string array	Additional DNS names to add to the definition (for external hostnames) when using automatic cert-manager
`certSpecTemplate` string	Go template for the YAML spec of the issuer CR, which will have access to the inserts when building: {{.nodeName}} {{.dnsNames}} {{.secretName}} {{.issuer}} Where .nodeName is that placed in the config This approach allows us to avoid a build-time dependency on the CertManager CRs, while letting you customize things like the algorithm.

TransactionInvoke¶

TransactionInvoke is the Schema for the transactioninvokes API

Appears in: - TransactionInvokeList

Field	Description	Default	Validation
`apiVersion` string	`core.paladin.io/v1alpha1`
`kind` string	`TransactionInvoke`
`metadata` ObjectMeta	Refer to Kubernetes API documentation for fields of `metadata`.
`spec` TransactionInvokeSpec

TransactionInvokeList¶

TransactionInvokeList contains a list of TransactionInvoke

Field	Description	Default	Validation
`apiVersion` string	`core.paladin.io/v1alpha1`
`kind` string	`TransactionInvokeList`
`metadata` ListMeta	Refer to Kubernetes API documentation for fields of `metadata`.
`items` TransactionInvoke array

TransactionInvokeSpec¶

TransactionInvokeSpec defines the desired state of TransactionInvoke

Appears in: - TransactionInvoke

Field	Description	Default	Validation
`requiredContractDeployments` string array	A list of pre-requisite smart contract deployments that must be resolved to contract addresses before the transaction can be built+submitted. The set of smart contracts is built one-by-one as the smart contract deployments complete, and once set a dependency does not change if the deployment CR is deleted and re-created. So it is important to delete+recreate all inter-related SmartContractDeployment and TransactionInvoke CRs in a set when they are being used as a deployment engine for test infrastructure. This is not intended as substitute to proper smart contract management in production. Instead it is an excellent tool for rapid re-deployment of test infrastructure.
`node` string	The node to use to deploy - reference to a PaladinNode CR
`txType` string	Type of transaction to submit to Paladin	public	Enum: [public private]
`domain` string	Domain for private transactions
`function` string	The name or full signature of the function to invoke
`abiJSON` string	The ABI of the smart contract - provides the constructor parameter definition
`from` string	Reference to the signing key to use to deploy
`toTemplate` string	Go template that specifies the target smart contract for invocation. See paramsJSONTemplate for more detail
`paramsJSONTemplate` string	Go template that specifies the data JSON payload for the invocation of the smart contract (array of input values, or map of inputs by name). Once all pre-requisite contract deployments are completed, this template will be executed with the JSON serialization of CR as the input to the CR execution. As such it has access to fields like: .status.resolvedContractAddresses

TransactionStatus¶

Underlying type: string

Appears in: - SmartContractDeploymentStatus - TransactionInvokeStatus - TransactionSubmission

Field	Description
`Submitting`
`Pending`
`Success`
`Failed`
`Rejected`

TransactionSubmission¶

Appears in: - PaladinRegistrationStatus - SmartContractDeploymentStatus - TransactionInvokeStatus

Field	Description	Default	Validation
`transactionStatus` TransactionStatus
`idempotencyKey` string
`transactionID` string
`failureMessage` string
`transactionHash` string

TransportConfig¶

Appears in: - PaladinSpec

Field	Description	Default	Validation
`name` string
`plugin` PluginConfig	Plugin configuration for loading the transport
`configJSON` string	JSON configuration specific to the individual transport. The "tls" root section of the config will be automatically populated from the k8s secret. The "externalHostname" property will be automatically set to the internal k8s hostname, unless it is already set in the configJSON
`tls` TLSConfig	TLS configuration to use for this secret
`ports` ServicePort array	The port number to listen on this transport