Setting up federation
The Stellar Federation Protocol requires that you define the federation server you would like to use for your domain.
In order to use Lumenbox as your secure Stellar Federation Provider you need to define our federation server on your web server. To do this follow this procedure:
- Add a stellar.toml file to your site at https://yourdomain.com/.well-known/stellar.toml (make sure you use HTTPS) and include the following line into it: FEDERATION_SERVER=”https://lumenbox.org/federation”
- Modify your stellar.toml file/page to enable CORS. You can do this by adding “Access-Control-Allow-Origin: *” to the HTTP response header
In case you use Lumenbox Open Federation (you are adding a record to one of the domains that we provide) your records get signed automatically using an offline process.
In case you are using the Hosted Federation (you are adding a record under your own domain), the DKIF extension requires you to do few more additional steps to be able to sign and upload your records into the Lumenbox database:
- Use the signing tool to sign your federation records on your desktop (works offline so your secret key is safe!)
- Include your the public key of your signing key pair into a TXT record in your DNS: federation._stellardomainkey IN TXT “<publickey>”
Yes, it is!
For open federation (when you choose one of the domains which are provided by us) we automatically sign the entries but you do not need to worry about this. Clients/wallets which do not support DKIF validation will ignore the signature fields in the federation response.
In case you are using Hosted Federation (accounts with your own domain), Lumenbox allows you to leave the signature field empty. In this way Lumenbox will not try to validate your signature and you can register your account (although it is possible but this is not recommended as in this way your federation records will not use DKIF)