Skip to main content
Version: 3.10
Features and pricing

ScalarDL Configurations

This page describes the following available configurations for ScalarDL:

Ledger configurations​

You can configure several settings for the Ledger server, such as service port settings, authentication settings, and TLS settings.

auditor.cert_holder_id (Deprecated)​

  • Field: scalar.dl.ledger.auditor.cert_holder_id
  • Description: Auditor certificate holder ID. This field is used to identify the certificate holder for the Auditor.
  • Default value: auditor
note

This configuration is deprecated and will be deleted in release 5.0.0 since Ledger-Auditor authentication will use HMAC only. For more details about authentication, see the ScalarDL Authentication Guide.

auditor.cert_version (Deprecated)​

  • Field: scalar.dl.ledger.auditor.cert_version
  • Description: Auditor certificate version. This field specifies the version of the Auditor certificate.
  • Default value: 1
note

This configuration is deprecated and will be deleted in release 5.0.0 since Ledger-Auditor authentication will use HMAC only. For more details about authentication, see the ScalarDL Authentication Guide.

auditor.enabled​

  • Field: scalar.dl.ledger.auditor.enabled
  • Description: A flag to enable Auditor. This field determines whether the Auditor is enabled.
  • Default value: false

authentication.hmac.cipher_key​

  • Field: scalar.dl.ledger.authentication.hmac.cipher_key
  • Description: A cipher key used to encrypt and decrypt the HMAC secret keys of client entities. This field is used to specify the cipher key for HMAC authentication.
  • Default value: empty (Optional)

authentication.method​

  • Field: scalar.dl.ledger.authentication.method
  • Description: The authentication method for clients and Ledger servers. digital-signature or hmac can be specified.
  • Default value: digital-signature (Optional)

direct_asset_access.enabled​

  • Field: scalar.dl.ledger.direct_asset_access.enabled
  • Description: A flag to access the asset table directly without going through asset_metadata. This field determines whether direct access to the asset table is enabled.
  • Default value: false

executable_contracts​

  • Field: scalar.dl.ledger.executable_contracts
  • Description: Binary names of contracts that can be executed. This field specifies the binary names of executable contracts.
  • Default value: empty

function.enabled​

  • Field: scalar.dl.ledger.function.enabled
  • Description: A flag to enable function for mutable database. This field determines whether the function for mutable database is enabled.
  • Default value: true

name​

  • Field: scalar.dl.ledger.name
  • Description: Name of the ledger. This field specifies the name of the ledger.
  • Default value: Scalar Ledger (Optional)

namespace​

  • Field: scalar.dl.ledger.namespace
  • Description: Namespace of ledger tables. This field specifies the namespace of the ledger tables.
  • Default value: scalar (Optional)

proof.enabled​

  • Field: scalar.dl.ledger.proof.enabled
  • Description: A flag to enable asset proof that is used to verify assets. This field determines whether asset proof is enabled.
  • Default value: false

proof.private_key_path​

  • Field: scalar.dl.ledger.proof.private_key_path
  • Description: The path of a private key file in PEM format. This field specifies the path of the private key file in PEM format.
  • Default value: empty

proof.private_key_pem​

  • Field: scalar.dl.ledger.proof.private_key_pem
  • Description: PEM-encoded private key data. This field specifies the PEM-encoded private key data.
  • Default value: empty

server.admin_port​

  • Field: scalar.dl.ledger.server.admin_port
  • Description: Server admin port. This field specifies the server admin port.
  • Default value: 50053

server.decommissioning_duration_secs​

  • Field: scalar.dl.ledger.server.decommissioning_duration_secs
  • Description: Decommissioning duration where the servers are running but returning NOT_SERVING to a gRPC health check request. This field specifies the decommissioning duration.
  • Default value: 30 seconds (Optional)

server.grpc.max_inbound_message_size​

  • Field: scalar.dl.ledger.server.grpc.max_inbound_message_size
  • Description: The maximum message size allowed for a single gRPC frame. This field specifies the maximum message size for a single gRPC frame.
  • Default value: empty (Optional)

server.grpc.max_inbound_metadata_size​

  • Field: scalar.dl.ledger.server.grpc.max_inbound_metadata_size
  • Description: The maximum size of metadata allowed to be received. This field specifies the maximum size of metadata allowed to be received.
  • Default value: 8 KiB (Optional)

server.port​

  • Field: scalar.dl.ledger.server.port
  • Description: Server port. This field specifies the server port.
  • Default value: 50051

server.privileged_port​

  • Field: scalar.dl.ledger.server.privileged_port
  • Description: Server privileged port. This field specifies the server privileged port.
  • Default value: 50052

server.prometheus_exporter_port​

  • Field: scalar.dl.ledger.server.prometheus_exporter_port
  • Description: Prometheus exporter port. This field specifies the Prometheus exporter port.
  • Default value: 8080

server.tls.cert_chain_path​

  • Field: scalar.dl.ledger.server.tls.cert_chain_path
  • Description: Certificate chain file used for TLS communication. This field specifies the certificate chain file used for TLS communication.
  • Default value: empty

server.tls.enabled​

  • Field: scalar.dl.ledger.server.tls.enabled
  • Description: A flag to enable TLS between clients and servers. This field determines whether TLS is enabled between clients and servers.
  • Default value: false

server.tls.private_key_path​

  • Field: scalar.dl.ledger.server.tls.private_key_path
  • Description: Private key file used for TLS communication. This field specifies the private key file used for TLS communication.
  • Default value: empty

servers.authentication.hmac.secret_key​

  • Field: scalar.dl.ledger.servers.authentication.hmac.secret_key
  • Description: A secret key of HMAC for the authentication of messages between (Ledger and Auditor) servers. This field specifies the secret key of HMAC for authentication between Ledger and Auditor servers.
  • Default value: empty

tx_state_management.enabled​

  • Field: scalar.dl.ledger.tx_state_management.enabled
  • Description: A flag to manage transaction states by Ledger. This field determines whether transaction state management is enabled by the Ledger.
  • Default value: false

Auditor configurations​

You can configure several settings for the Auditor server, such as service port settings, authentication settings, and TLS settings.

authentication.hmac.cipher_key​

  • Field: scalar.dl.auditor.authentication.hmac.cipher_key
  • Description: A cipher key used to encrypt and decrypt the HMAC secret keys of client entities. This is used only when scalar.dl.auditor.authentication.method is set to hmac.
  • Default value: empty (Optional)

authentication.method​

  • Field: scalar.dl.auditor.authentication.method
  • Description: The authentication method for clients and Auditor servers. digital-signature or hmac can be specified. This must be consistent with the Ledger configuration.
  • Default value: digital-signature (Optional)

authorization.credential​

  • Field: scalar.dl.auditor.authorization.credential
  • Description: An authorization credential (e.g., Bearer token).
  • Default value: empty (Optional)

cert_holder_id (Deprecated)​

  • Field: scalar.dl.auditor.cert_holder_id
  • Description: The holder ID of a certificate. This field is used to identify the certificate holder for the Auditor.
  • Default value: auditor
note

This configuration is deprecated and will be deleted in release 5.0.0 since Ledger-Auditor authentication will use HMAC only. For more details about authentication, see the ScalarDL Authentication Guide.

cert_version (Deprecated)​

  • Field: scalar.dl.auditor.cert_version
  • Description: The version of the certificate. This field specifies the version of the Auditor certificate.
  • Default value: 1
note

This configuration is deprecated and will be deleted in release 5.0.0 since Ledger-Auditor authentication will use HMAC only. For more details about authentication, see the ScalarDL Authentication Guide.

grpc.deadline_duration_millis​

  • Field: scalar.dl.auditor.grpc.deadline_duration_millis
  • Description: Deadline duration in milliseconds for each gRPC request.
  • Default value: empty (Optional)

grpc.max_inbound_message_size​

  • Field: scalar.dl.auditor.grpc.max_inbound_message_size
  • Description: The maximum message size allowed for a single gRPC frame. If an inbound message larger than this limit is received, it will not be processed, and the RPC will fail with RESOURCE_EXHAUSTED.
  • Default value: empty (Optional)

grpc.max_inbound_metadata_size​

  • Field: scalar.dl.auditor.grpc.max_inbound_metadata_size
  • Description: The maximum size of metadata allowed to be received. This is cumulative size of the entries with some overhead, as defined for HTTP/2's SETTINGS_MAX_HEADER_LIST_SIZE.
  • Default value: 8 KiB (Optional)

ledger.cert_holder_id (Deprecated)​

  • Field: scalar.dl.auditor.ledger.cert_holder_id
  • Description: The holder ID of the certificate of Ledger. This field is used to identify the certificate holder for the Ledger.
  • Default value: ledger
note

This configuration is deprecated and will be deleted in release 5.0.0 since Ledger-Auditor authentication will use HMAC only. For more details about authentication, see the ScalarDL Authentication Guide.

ledger.cert_version (Deprecated)​

  • Field: scalar.dl.auditor.ledger.cert_version
  • Description: The version of the certificate. This field specifies the version of the Ledger certificate.
  • Default value: 1
note

This configuration is deprecated and will be deleted in release 5.0.0 since Ledger-Auditor authentication will use HMAC only. For more details about authentication, see the ScalarDL Authentication Guide.

ledger.host​

  • Field: scalar.dl.auditor.ledger.host
  • Description: Hostname or IP address of the Ledger server.
  • Default value: localhost

ledger.port​

  • Field: scalar.dl.auditor.ledger.port
  • Description: Port number of the Ledger server.
  • Default value: 50051

ledger.privileged_port​

  • Field: scalar.dl.auditor.ledger.privileged_port
  • Description: Privileged port number of the Ledger server.
  • Default value: 50052

name​

  • Field: scalar.dl.auditor.name
  • Description: Name of the auditor.
  • Default value: Scalar Auditor (Optional)

namespace​

  • Field: scalar.dl.auditor.namespace
  • Description: Namespace of auditor tables.
  • Default value: auditor (Optional)

private_key_path​

  • Field: scalar.dl.auditor.private_key_path
  • Description: The path to the private key file in PEM format. This or scalar.dl.auditor.private_key_pem is used to sign certificates with a digital signature. When scalar.dl.auditor.servers.authentication.hmac.secret_key is empty, the signature is also used by Ledger to authenticate the corresponding certificate from Auditor.
  • Default value: empty (Optional)

private_key_pem​

  • Field: scalar.dl.auditor.private_key_pem
  • Description: PEM-encoded private key data. This or scalar.dl.auditor.private_key_path is used to sign certificates with a digital signature. When scalar.dl.auditor.servers.authentication.hmac.secret_key is empty, the signature is also used by Ledger to authenticate the corresponding certificate from Auditor.
  • Default value: empty (Optional)

server.admin_port​

  • Field: scalar.dl.auditor.server.admin_port
  • Description: Server admin port.
  • Default value: 40053

server.decommissioning_duration_secs​

  • Field: scalar.dl.auditor.server.decommissioning_duration_secs
  • Description: Decommissioning duration in seconds where the servers are running but returning NOT_SERVING to a gRPC health check request.
  • Default value: 30

server.grpc.max_inbound_message_size​

  • Field: scalar.dl.auditor.server.grpc.max_inbound_message_size
  • Description: The maximum message size allowed for a single gRPC frame.
  • Default value: empty (Optional)

server.grpc.max_inbound_metadata_size​

  • Field: scalar.dl.auditor.server.grpc.max_inbound_metadata_size
  • Description: The maximum size of metadata allowed to be received.
  • Default value: 8 KiB (Optional)

server.port​

  • Field: scalar.dl.auditor.server.port
  • Description: Server port.
  • Default value: 40051

server.privileged_port​

  • Field: scalar.dl.auditor.server.privileged_port
  • Description: Server privileged port.
  • Default value: 40052

server.prometheus_exporter_port​

  • Field: scalar.dl.auditor.server.prometheus_exporter_port
  • Description: Prometheus exporter port.
  • Default value: 8080

server.tls.cert_chain_path​

  • Field: scalar.dl.auditor.server.tls.cert_chain_path
  • Description: Path to the certificate chain file used for TLS communication.
  • Default value: empty

server.tls.enabled​

  • Field: scalar.dl.auditor.server.tls.enabled
  • Description: A flag to enable TLS communication between clients and servers.
  • Default value: false

server.tls.private_key_path​

  • Field: scalar.dl.auditor.server.tls.private_key_path
  • Description: Path to the private key file used for TLS communication.
  • Default value: empty

servers.authentication.hmac.secret_key​

  • Field: scalar.dl.auditor.servers.authentication.hmac.secret_key
  • Description: A secret key of HMAC for the authentication of messages between Ledger and Auditor servers.
  • Default value: empty (Optional)

tls.ca_root_cert_path​

  • Field: scalar.dl.auditor.tls.ca_root_cert_path
  • Description: Path to the custom CA root certificate for TLS communication.
  • Default value: empty

tls.ca_root_cert_pem​

  • Field: scalar.dl.auditor.tls.ca_root_cert_pem
  • Description: PEM-encoded custom CA root certificate for TLS communication.
  • Default value: empty

tls.enabled​

  • Field: scalar.dl.auditor.tls.enabled
  • Description: A flag to enable TLS communication.
  • Default value: false

tls.override_authority​

  • Field: scalar.dl.auditor.tls.override_authority
  • Description: Custom authority for TLS communication.
  • Default value: empty

Client configurations​

You can configure several settings for clients, such as Ledger server and Auditor server settings, authentication settings, and TLS settings.

auditor.authorization.credential​

  • Field: scalar.dl.client.auditor.authorization.credential
  • Description: An authorization credential for Auditor.
  • Default value: empty (Optional)

auditor.enabled​

  • Field: scalar.dl.client.auditor.enabled
  • Description: A flag to enable Auditor.
  • Default value: false

auditor.host​

  • Field: scalar.dl.client.auditor.host
  • Description: A hostname or IP address of the Auditor.
  • Default value: localhost

auditor.linearizable_validation.contract_id​

  • Field: scalar.dl.client.auditor.linearizable_validation.contract_id
  • Description: The ID of the ValidateLedger contract.
  • Default value: validate-ledger

auditor.port​

  • Field: scalar.dl.client.auditor.port
  • Description: A port number of the Auditor.
  • Default value: 40051

auditor.privileged_port​

  • Field: scalar.dl.client.auditor.privileged_port
  • Description: A port number of the Auditor for privileged services.
  • Default value: 40052

auditor.tls.ca_root_cert_path​

  • Field: scalar.dl.client.auditor.tls.ca_root_cert_path
  • Description: A custom CA root certificate (file path) for TLS communication for Auditor.
  • Default value: empty

auditor.tls.ca_root_cert_pem​

  • Field: scalar.dl.client.auditor.tls.ca_root_cert_pem
  • Description: A custom CA root certificate (PEM data) for TLS communication for Auditor.
  • Default value: empty

auditor.tls.enabled​

  • Field: scalar.dl.client.auditor.tls.enabled
  • Description: A flag to enable TLS communication for Auditor.
  • Default value: false

auditor.tls.override_authority​

  • Field: scalar.dl.client.auditor.tls.override_authority
  • Description: A custom authority for TLS communication for Auditor.
  • Default value: empty

authentication.method​

  • Field: scalar.dl.client.authentication.method
  • Description: The authentication method for clients and Ledger/Auditor servers. digital-signature or hmac can be specified. This must be consistent with the Ledger/Auditor configuration.
  • Default value: digital-signature (Optional)

authorization.credential​

  • Field: scalar.dl.client.authorization.credential
  • Description: An authorization credential for Ledger.
  • Default value: empty (Optional)

cert_holder_id (Deprecated)​

  • Field: scalar.dl.client.cert_holder_id
  • Description: The holder ID of a certificate. This field is used to identify the certificate holder for the client.
  • Default value: empty
note

This configuration is deprecated and will be deleted in release 5.0.0. Use scalar.dl.client.entity.id instead. If both configurations are specified, scalar.dl.client.entity.id will be used.

cert_path (Deprecated)​

  • Field: scalar.dl.client.cert_path
  • Description: The path of a certificate file in PEM format. This field specifies the path to the client certificate file.
  • Default value: empty
note

This configuration is deprecated and will be deleted in release 5.0.0. Use scalar.dl.client.entity.identity.digital_signature.cert_path instead.

cert_pem (Deprecated)​

  • Field: scalar.dl.client.cert_pem
  • Description: PEM-encoded certificate data. This field specifies the PEM-encoded certificate data for the client.
  • Default value: empty
note

This configuration is deprecated and will be deleted in release 5.0.0. Use scalar.dl.client.entity.identity.digital_signature.cert_pem instead.

cert_version (Deprecated)​

  • Field: scalar.dl.client.cert_version
  • Description: The version of the certificate. This field specifies the version of the client certificate.
  • Default value: 1
note

This configuration is deprecated and will be deleted in release 5.0.0. Use scalar.dl.client.entity.identity.digital_signature.cert_version instead.

entity.id​

  • Field: scalar.dl.client.entity.id
  • Description: A unique ID of a requester (e.g., a user or a device).
  • Default value: empty

entity.identity.digital_signature.cert_path​

  • Field: scalar.dl.client.entity.identity.digital_signature.cert_path
  • Description: The path of a certificate file in PEM format, which is required if scalar.dl.client.entity.identity.digital_signature.cert_pem is empty.
  • Default value: empty

entity.identity.digital_signature.cert_pem​

  • Field: scalar.dl.client.entity.identity.digital_signature.cert_pem
  • Description: PEM-encoded certificate data. Required if scalar.dl.client.entity.identity.digital_signature.cert_path is empty.
  • Default value: empty

entity.identity.digital_signature.cert_version​

  • Field: scalar.dl.client.entity.identity.digital_signature.cert_version
  • Description: The version of the certificate.
  • Default value: 1 (Optional)

entity.identity.digital_signature.private_key_path​

  • Field: scalar.dl.client.entity.identity.digital_signature.private_key_path
  • Description: The path of a private key file in PEM format, which corresponds to the specified certificate. Required if scalar.dl.client.entity.identity.digital_signature.private_key_pem is empty.
  • Default value: empty

entity.identity.digital_signature.private_key_pem​

  • Field: scalar.dl.client.entity.identity.digital_signature.private_key_pem
  • Description: PEM-encoded private key data. Required if scalar.dl.client.entity.identity.digital_signature.private_key_path is empty.
  • Default value: empty

entity.identity.hmac.secret_key​

  • Field: scalar.dl.client.entity.identity.hmac.secret_key
  • Description: A secret key for HMAC.
  • Default value: empty

entity.identity.hmac.secret_key_version​

  • Field: scalar.dl.client.entity.identity.hmac.secret_key_version
  • Description: The version of the HMAC key.
  • Default value: empty (Optional)

grpc.deadline_duration_millis​

  • Field: scalar.dl.client.grpc.deadline_duration_millis
  • Description: A deadline duration for each request.
  • Default value: empty (Optional)

grpc.max_inbound_message_size​

  • Field: scalar.dl.client.grpc.max_inbound_message_size
  • Description: The maximum message size allowed for a single gRPC frame.
  • Default value: empty (Optional)

grpc.max_inbound_metadata_size​

  • Field: scalar.dl.client.grpc.max_inbound_metadata_size
  • Description: The maximum size of metadata allowed to be received.
  • Default value: empty (Optional)

mode​

  • Field: scalar.dl.client.mode
  • Description: A client mode (CLIENT or INTERMEDIARY).
  • Default value: empty (Optional)

private_key_path (Deprecated)​

  • Field: scalar.dl.client.private_key_path
  • Description: The path of a private key file in PEM format. This field specifies the path to the client private key file.
  • Default value: empty
note

This configuration is deprecated and will be deleted in release 5.0.0. Use scalar.dl.client.entity.identity.digital_signature.private_key_path instead.

private_key_pem (Deprecated)​

  • Field: scalar.dl.client.private_key_pem
  • Description: PEM-encoded private key data. This field specifies the PEM-encoded private key data for the client.
  • Default value: empty
note

This configuration is deprecated and will be deleted in release 5.0.0. Use scalar.dl.client.entity.identity.digital_signature.private_key_pem instead.

server.host​

  • Field: scalar.dl.client.server.host
  • Description: A hostname or IP address of the server.
  • Default value: localhost

server.port​

  • Field: scalar.dl.client.server.port
  • Description: A port number of the server.
  • Default value: 50051

server.privileged_port​

  • Field: scalar.dl.client.server.privileged_port
  • Description: A port number of the server for privileged services.
  • Default value: 50052

tls.ca_root_cert_path​

  • Field: scalar.dl.client.tls.ca_root_cert_path
  • Description: A custom CA root certificate (file path) for TLS communication for Ledger.
  • Default value: empty

tls.ca_root_cert_pem​

  • Field: scalar.dl.client.tls.ca_root_cert_pem
  • Description: A custom CA root certificate (PEM data) for TLS communication for Ledger.
  • Default value: empty

tls.enabled​

  • Field: scalar.dl.client.tls.enabled
  • Description: A flag to enable TLS communication for Ledger.
  • Default value: false

tls.override_authority​

  • Field: scalar.dl.client.tls.override_authority
  • Description: A custom authority for TLS communication for Ledger.
  • Default value: empty