Support multiple YubiHSMs per process

[freak12techno]

So I'm currently using tmkms with a yubihsm2 to sign blocks for multiple validators and it works fine so far. I want to ensure it's not a single point of failure so I want to buy a failover hsm to make it a full copy of a main hsm, so if a main one fails, I can just remove it from usb port and install a failover one and it would still work. But that requires an app restart and physical replacement of a hsm.

I'd want something like that: I can insert 2 hsms into different usb ports and set up tmkms config to use either of these, and in case one fails, tmkms would show in logs that it failed and use a failover one, so no app restart or replacing a hsm is needed.

Do you think it's possible or feasible?

[tony-iqlusion]

Yes, definitely possible.

It would also be nice to be able to load balance between them, as the YubiHSM2 is effectively single-threaded.

Currently a single TMKMS + YubiHSM2 instance caps out at or slightly below 10 chains, because after that it can't sign fast enough to keep up with them all.