fix(scripts): preserve node_key.json across state sync (PLT-415)

[monty-sei]

Summary

• scripts/state_sync.sh backed up priv_validator_key.json before wiping ~/.sei/config, but not node_key.json — which lives in the same directory. The whole config/ dir is moved to ~/.sei_backup and only the validator key is copied back, so node_key.json never returns.
• On the next start, LoadOrGenNodeKey finds no key and generates a fresh Ed25519 keypair, giving the node a brand-new NodeID (hex(sha256(pubkey)[:20])). Any peer that has the old NodeID@host:port in persistent_peers then silently fails to connect, because Tendermint rejects the handshake when the advertised NodeID doesn't match.
• This bites hardest during upgrades / incident recovery — exactly when operators reach for state sync — and churns the NodeID on every run for teams using state sync for disk management. State sync has no dependency on a fresh node key, so there's no reason to regenerate it.
• Fix: back up and restore node_key.json alongside priv_validator_key.json, preserving node identity across a sync.

Test plan

• bash -n scripts/state_sync.sh — syntax clean
• Verified backup/restore symmetry: node_key.json is now copied to $HOME/key_backup before the config wipe and copied back to $HOME/.sei/config/ afterward, mirroring the existing priv_validator_key.json handling
• Operator validation on a non-prod node: run state sync on an existing node and confirm the NodeID (seid tendermint show-node-id) is unchanged afterward

Notes

• The copy of this script deployed on some EC2 instances is reportedly out of date with the version in sei-infra. This PR fixes the in-repo script; the sei-infra copy should be patched and redeployed separately so existing nodes actually pick up the fix.

[cursor]

PR Summary

Low Risk
Operator-only shell script change with no application or chain logic impact; reduces operational risk from accidental NodeID rotation.

Overview
scripts/state_sync.sh now backs up and restores node_key.json the same way it already does for priv_validator_key.json, so wiping and rebuilding ~/.sei during state sync no longer drops the Tendermint node key.

Without that file, the node would mint a new NodeID on restart and persistent_peers entries keyed to the old ID would fail to connect—especially painful during upgrades or recovery when operators rely on this script.

The change is symmetric copy-in / copy-out around the existing key backup flow; state sync behavior itself is unchanged.

^{Reviewed by Cursor Bugbot for commit 44712ef. Bugbot is set up for automated code reviews on this repo. Configure here.}

[github-actions]

The latest Buf updates on your PR. Results from workflow Buf / buf (pull_request).

Build	Format	Lint	Breaking	Updated (UTC)
✅ passed	✅ passed	✅ passed	✅ passed	Jun 1, 2026, 12:35 AM

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 58.30%. Comparing base (3d3df7e) to head (44712ef).

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #3527      +/-   ##
==========================================
- Coverage   59.15%   58.30%   -0.85%     
==========================================
  Files        2213     2140      -73     
  Lines      182710   174341    -8369     
==========================================
- Hits       108077   101650    -6427     
+ Misses      64930    63667    -1263     
+ Partials     9703     9024     -679     

Flag	Coverage Δ
sei-db	70.41% <ø> (-0.22%)	⬇️
sei-db-state-db	?

Flags with carried forward coverage won't be shown. Click here to find out more.
see 74 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.