Setup Full Node
This document details how to join the Secret Network secret-4
mainnet as a full node. Once your full node is running and synced to the last block, you can use it
Requirements
Secret Network has strict Hardware Requirements, see Hardware Compliance. If your machine does not meet them, it will *NOT* work as a node.
Ubuntu/Debian host, recommended is Ubuntu 20.04 LTS or 22.04 LTS.
A public IP address, so that other nodes can connect to you.
Open ports
TCP 26656 & 26657
Note: If you're behind a router or firewall then you'll need to port forward on the network device.RPC address of an already active node. You can use any node that exposes RPC services, please see API Endpoints Mainnet (Secret-4).
Installation
Install SGX and secretd
secretd
This guide assumes you've already installed the latest version of secretd and SGX.
For more information on how to install SGX, see instructions here.
If you need help with installing secretd, please take a look at Install secretd.
Initialize Secret Network Configs
Choose a moniker for yourself, and replace <MONIKER>
with whatever name you like (could be some random string, or just how you like to name to node) below. This moniker is your public nickname of the node in the network.
This will generate the following files in ~/.secretd/config/
genesis.json
node_key.json
priv_validator_key.json
Download genesis.json
genesis.json
Initialize Secret Enclave
Initialize /opt/secret/.sgx_secrets
:
You can choose between two methods, automatic or manual:
Initialize Secret Enclave - Automatic Registration (EXPERIMENTAL)
WARNING: This method is experimental, and may not work. If it doesn't work, skip to manual registration.
The following commands will create the necessary environment variables and attempt to automatically register the node.
If this step was successful, you can skip straight to Optimization.
Initialize Secret Enclave - Manual Registration
Verify Enclave Initialization
The attestation certificate should have been created by the previous step
Verify the certificate is valid. A 64-character registration key will be printed if it was successful.
If registration was NOT succesfull consider checking out the Registration troubleshoot help or contact a fellow validator on our discord.
Configure secretd
secretd
The following steps should use secretd
be ran on the full node itself. To run the steps with secretd
on a local machine, set up the CLI there.
Configure secretd
. Initially you'll be using the bootstrap node, as you'll need to connect to a running node and your own node is not running yet.
Fund Secret Wallet
If you already have a wallet funded with SCRT
, you can import the wallet by doing the following:
Otherwise, you will need to set up a key. Make sure you back up the mnemonic and the keyring password.
This will output your address, a 45 character-string starting with secret1...
.
Configure Node Attestation
Register your node on-chain
2. Pull & check your node's encrypted seed from the network
3. Get additional network parameters
These are necessary to configure the node before it starts.
Configure Secret Node
From here on, commands must be ran on the full node.
Optimization
In order to be able to handle NFT minting and other Secret Contract-heavy operations, it's recommended to update your SGX memory enclave cache:
Also checkout this document by block pane
for fine tuning your machine for better uptime.
Set minimum-gas-price
Parameter
minimum-gas-price
ParameterWe recommend 0.1uscrt
per gas unit:
Your node will not accept transactions that specify --fees
lower than the minimun-gas-price
you set here.
Set IAVL-disable-fastnode
IAVL fast node must be disabled, otherwise the daemon will attempt to upgrade the database whil state sync is occuring.
Enable secret-node
:
secret-node
:Note that the secret-node
system file is created when installing sgx.
You are now a now ready to finally sync the full node. 🎉.
Go to Statesync or Quicksync / Snapshot to continue.
Snapshot
To sync to head quickly, please see Quicksync / Snapshot.
State Sync
You can skip syncing from scratch or download a snapshot by Statesync to the current block.
Get Node ID
secretd tendermint show-node-id
And publish yourself as a node with this ID:
Be sure to point your CLI to your running node instead of the bootstrap node
secretcli config node tcp://localhost:26657
If someone wants to add you as a peer, have them add the above address to their persistent_peers in their ~/.secretd/config/config.toml.
And if someone wants to use your node from their secretcli then have them run:
Optional: Become a Validator
To turn your full node into a validator, see Joining Mainnet as a Validator.
Last updated