About the keypair generated for Solana onchain programs

When we are trying to create an on-chain program, there’s a build process. (I’m using Rust version).
Then in the dist directory, it will create .so file and a keypair.

When we deploy that project via solana program deploy will use the public key above keypair as the programId.

Does Solana uses that keypair, only to generate the public key?
In other words, is it okay to submit that key to a public GitHub repository?

No, that private key is what allows you to publish updated versions of the program so it must be kept safe and private so that people can’t modify the program without your consent.

Ah ha.
Got it. Thanks.

1 Like