Node registration update on Testnet and Mainnet for Proof of Possession

As part of our ongoing work towards achieving full Protocol Autonomy, we’re excited to announce the update of the process of node registration into the Flow protocol, to include the Proof of Possession (PoP) of the staking private key.

:date: Rollout Schedule

  • Testnet Rollout: Monday, June 2, 2025 at 15:00 UTC

  • Mainnet Rollout: Tuesday, June 3, 2025 at 15:00 UTC

:wrench: What is Changing?

Node registrations into the Flow protocol are managed by the Flow core-contracts. As part of implementing the PoP scheme, the contracts will be updated to read the staking PoP data from registration requests and make sure it matches the staking public key provided.

These changes have been tested on Testnet in a prior cycle (see earlier post).
In relation with the contract changes, the bootstrap utility has been updated to derive the new PoP field when generating new node details.
Flow-port has been updated to support the PoP entry when registering a new node.
Wallets supporting staking should also be updated to reflect the change. The Flow app on the Ledger Hardware Wallet has been updated and released to use the new staking transaction.


The Testnet and Mainnet core-contracts and functions impacted by the change are:

  • FlowIDTableStaking (addNodeRecord function)
  • LockedTokens (registerNode function)
  • FlowStakingCollection (registerNode function)

For details, see this pull request for all transaction and contract changes.


:locked: Why is This Important?

Flow internal node communication is authenticated using BLS signatures. Nodes participating in the protocol register a BLS public key as their public identity, also called a staking public key.
Flow protocol leverages BLS multi-signature features to optimize for data size and computation time. BLS multi-verification of an aggregated signature requires a defence against rogue key attacks and there are a few schemes Flow can implement to secure the protocol as described by the BLS signature IEFT draft. Flow protocol uses the Proof of Possession scheme (simply referred to as PoP) to optimize for the case of aggregating signatures on the same message.
The PoP scheme is also required to secure the BLS-based SPoCK scheme from rogue key attacks. The same staking keys are used by the nodes to implement the SPoCK scheme.

Nodes registering to participate in the Flow protocol are required to provide staking information including their BLS staking public key.
As Flow moves towards permissionless node participation, a proof of possession of the staking private key should be also provided as part of the public information. The protocol should only accept registration requests from new nodes that provide a valid proof of possession of the private key that matches their public key.
The defence guarantees that rogue public keys are not submitted to the network by malicious nodes.


:compass: A Step Towards Protocol Autonomy

This PoP rollout is a foundational step on our Protocol Autonomy Roadmap. It supports Flow’s transition towards a more decentralized, permissionless, and secure infrastructure for node participation.


:white_check_mark: Next Steps for Node Operators

  • If you do not use Flow Port and have developed your own node registration workflow, you will need to update your transaction process to include the PoP field.
  • Similarly, if you don’t rely on the bootstrap utility and have created custom tooling for node key generation, you must update your tools to generate the PoP of the staking private key. The way to generate a valid proof is specified in the Cadence doc (given that the proof is verifiable on Cadence). A compliant Go implementation is provided by the Flow cryptography repo.
  • Reach out in the forum or Discord if you encounter issues or have questions.

Thank you for building with Flow :ocean:

The rollout of Proof of Possession to testnet is now complete.

Here is a sample testnet staking transaction that included the proof of possession field - https://testnet.flowscan.io/tx/d1b42ac0c002d294b4b6cb9001fff4082c3b7047fd2f5a933cd3392f5f75f874.

Mainnet rollout scheduled for tomorrow at 8 AM Pacific as planned.