Validator Boundary

Validator and operator boundary

Public-safe validator documentation for network exposure, private control paths, and lifecycle surfaces.

Validator P2P Private RPC Signed lifecycle No signer material

Public-safe does not mean unrestricted. Public mode, privacy mode, safe mode, read-only mode, quotas, deployment profile, and gateway policy can still mask or deny behavior.

Public and Private Boundary

Validator P2P exposure is public as required for network participation.
Validator RPC, private control paths, signer paths, and operational diagnostics remain private.
Signer keys and signer wiring are outside public documentation.
Admin, debug, trusted-only, and diagnostics-restricted surfaces must not be exposed as generic public RPC.

Current Validator Lifecycle

Direct validator admin mutation RPCs are dev/admin-only and are not wallet-safe. The supported node-side validator lifecycle path is signed tlro_pos_v1 submitted through a private write endpoint.

An EVM staking bridge to native ValidatorSet lifecycle is unsupported and not wired as a public runtime path in this documentation set.

Operational Guidance

Public validator documentation should describe roles, exposure boundaries, and health posture without publishing live service commands, private peer topology, ACLs, environment files, signer material, or bypass tokens.