Every JIL validator undergoes a 7-gate secure boot sequence before it can participate in consensus. The gates are: handshake with the fleet controller, configuration download and verification, image digest verification, cryptographic key loading, authentication token generation, service initialization, and completion confirmation. Each gate must succeed before the next begins.
Secure boot is a foundational security requirement for any distributed system handling financial operations. If a compromised or misconfigured node can join the network without verification, it could disrupt consensus, forge attestations, or leak sensitive data. Sequential verification gates ensure that only properly configured, authenticated nodes participate.
JIL's 7-gate sequence creates defense in depth. The handshake gate verifies network identity. Configuration download ensures consistent settings. Digest verification confirms the validator is running the correct, unmodified software image. Key loading decrypts five key types (Ed25519, HMAC, API, SSH, HSM) from AES-256-GCM encrypted storage. Auth token generation creates 24-hour time-limited consensus credentials. Service initialization starts all required microservices. Completion confirmation signals readiness to JILHQ.
The gates are: 1) Handshake, 2) Configuration download, 3) Image digest verification, 4) Key loading (5 key types), 5) Auth token generation (24h), 6) Service initialization, 7) Completion confirmation.
If any gate fails, the validator does not proceed to the next gate and cannot join the network. The failure is reported to JILHQ fleet controller for investigation. The validator must restart the full boot sequence after the issue is resolved.