From 04a95c0c246fba9a086f2e9a4a5922806da677b9 Mon Sep 17 00:00:00 2001
From: yorickdowne <71337066+yorickdowne@users.noreply.github.com>
Date: Sat, 31 Aug 2024 15:36:57 -0400
Subject: [PATCH] Prysm persist w3s keys loaded via keymanager (#1917)

---
 README.md                     |  2 +-
 prysm/docker-entrypoint-vc.sh |  8 +++++++-
 vc-utils/keymanager.sh        | 12 ++----------
 3 files changed, 10 insertions(+), 12 deletions(-)

diff --git a/README.md b/README.md
index b28ba0a4..525906f7 100644
--- a/README.md
+++ b/README.md
@@ -34,4 +34,4 @@ Eth Docker uses a "semver-ish" scheme.
 large.
 - Second through fourth digit, [semver](https://semver.org/).
 
-This is Eth Docker v2.12.1.0
+This is Eth Docker v2.12.2.0
diff --git a/prysm/docker-entrypoint-vc.sh b/prysm/docker-entrypoint-vc.sh
index 5706c6a5..d3525e98 100755
--- a/prysm/docker-entrypoint-vc.sh
+++ b/prysm/docker-entrypoint-vc.sh
@@ -47,7 +47,13 @@ fi
 
 # Web3signer URL
 if [ "${WEB3SIGNER}" = "true" ]; then
-  __w3s_url="--validators-external-signer-url http://web3signer:9000 --validators-external-signer-public-keys http://web3signer:9000/api/v1/eth2/publicKeys"
+  __w3s_url="--validators-external-signer-url http://web3signer:9000 \
+  --validators-external-signer-public-keys http://web3signer:9000/api/v1/eth2/publicKeys \
+  --validators-external-signer-key-file=/var/lib/prysm/w3s-keys.txt"
+
+  if [ ! -f /var/lib/prysm/w3s-keys.txt ]; then
+    touch /var/lib/prysm/w3s-keys.txt
+  fi
 else
   __w3s_url=""
 fi
diff --git a/vc-utils/keymanager.sh b/vc-utils/keymanager.sh
index d8a62482..bc903a75 100755
--- a/vc-utils/keymanager.sh
+++ b/vc-utils/keymanager.sh
@@ -886,11 +886,7 @@ and secrets directories into .eth/validator_keys instead."
             __api_port=${__vc_api_port}
             __api_tls=${__vc_api_tls}
 
-            if [ -z "${PRYSM:+x}" ]; then
-                jq --arg pubkey_value "$__pubkey" --arg url_value "http://web3signer:9000" '. | .remote_keys += [{"pubkey": $pubkey_value, "url": $url_value}]' <<< '{}' >/tmp/apidata.txt
-            else
-                jq --arg pubkey_value "$__pubkey" --arg url_value "http://web3signer:9000" '. | .remote_keys += [{"pubkey": $pubkey_value}]' <<< '{}' >/tmp/apidata.txt
-            fi
+            jq --arg pubkey_value "$__pubkey" --arg url_value "http://web3signer:9000" '. | .remote_keys += [{"pubkey": $pubkey_value, "url": $url_value}]' <<< '{}' >/tmp/apidata.txt
 
             get-token
             __api_data=@/tmp/apidata.txt
@@ -991,11 +987,7 @@ validator-register() {
 
     __w3s_pubkeys="$(echo "$__result" | jq -r '.data[].validating_pubkey')"
     while IFS= read -r __pubkey; do
-        if [ -z "${PRYSM:+x}" ]; then
-            jq --arg pubkey_value "$__pubkey" --arg url_value "http://web3signer:9000" '. | .remote_keys += [{"pubkey": $pubkey_value, "url": $url_value}]' <<< '{}' >/tmp/apidata.txt
-        else
-            jq --arg pubkey_value "$__pubkey" --arg url_value "http://web3signer:9000" '. | .remote_keys += [{"pubkey": $pubkey_value}]' <<< '{}' >/tmp/apidata.txt
-        fi
+         jq --arg pubkey_value "$__pubkey" --arg url_value "http://web3signer:9000" '. | .remote_keys += [{"pubkey": $pubkey_value, "url": $url_value}]' <<< '{}' >/tmp/apidata.txt
 
         __api_data=@/tmp/apidata.txt
         __api_path=eth/v1/remotekeys