Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

Environment variables

audience: operators

Complete list of environment variables consumed by the organism binaries. Every organism binary also accepts a small set of mosaik-level knobs (discovery, Prometheus bind address); see the mosaik configuration reference.

Status. The names below are the proposed convention; the organism crates pin them when they ship. Treat as the target shape.

Common — every organism

VariableRequiredPurpose
LATTICE_INSTANCEyesThe lattice instance name (e.g. ethereum.mainnet).
LATTICE_CHAIN_IDyesEIP-155 chain id.
LATTICE_CONFIG_HEXyesHex-encoded LatticeConfig. Folds in every organism’s config.
LATTICE_UNIVERSEnoOverride builder::UNIVERSE. Set only for an isolated federation.
PROMETHEUS_ADDRnoBind address for the metrics exporter. Default unbound.
RUST_LOGnoLog filter. Default info.

zipnet

Inherits zipnet’s own env var reference; see the zipnet environment variables page. The lattice-specific subset:

VariableRequiredPurpose
ZIPNET_COMMITTEE_SECRET_FILEserver roleCommittee admission secret, per-lattice.
ZIPNET_SECRET_FILEserver roleStable peer identity secret, per-member.

unseal

VariableRequiredPurpose
UNSEAL_COMMITTEE_SECRET_FILEyesCommittee admission secret.
UNSEAL_SHARE_SECRET_FILEyesThis member’s threshold-decryption share.
UNSEAL_SECRET_FILEyesStable peer identity.

offer

VariableRequiredPurpose
OFFER_COMMITTEE_SECRET_FILEyesCommittee admission secret.
OFFER_SHARE_SECRET_FILEyesThis member’s offer-DKG share.
OFFER_SECRET_FILEyesStable peer identity.

atelier

VariableRequiredPurpose
ATELIER_COMMITTEE_SECRET_FILEyesCommittee admission secret.
ATELIER_BLS_SECRET_FILEyesThis member’s BLS key for collective signature.
ATELIER_SECRET_FILEyesStable peer identity.
ATELIER_CHAIN_RPCyesChain RPC for bundle simulation.

relay

VariableRequiredPurpose
RELAY_COMMITTEE_SECRET_FILEyesCommittee admission secret.
RELAY_SECRET_FILEyesStable peer identity.
RELAY_PROPOSER_ENDPOINTSyesComma-separated proposer/sequencer endpoints.

tally

VariableRequiredPurpose
TALLY_COMMITTEE_SECRET_FILEyesCommittee admission secret.
TALLY_ECDSA_SECRET_FILEyesThis member’s secp256k1 attestation key.
TALLY_SECRET_FILEyesStable peer identity.
TALLY_CHAIN_RPCyesChain RPC for on-chain inclusion watcher.
TALLY_SETTLEMENT_ADDRyesThe settlement contract attestations target.

Secrets — always use *_FILE pointers

Every secret var above uses the *_FILE convention: the value is a path to a file containing the secret, not the secret itself. This keeps secrets out of process environment (where they leak via /proc/*/environ) and lets you mount secrets as tmpfs files under your orchestration layer.

Do not set the non-_FILE form unless you are running a development smoke test.

Cross-references