Comment on page
Setup Full Node
This document details how to join the Secret Network
secret-4mainnet as a full node. Once your full node is running and synced to the last block, you can use it
- Ubuntu/Debian host, recommended is Ubuntu 20.04 LTS or 22.04 LTS.
- A public IP address, so that other nodes can connect to you.
- Open ports
TCP 26656 & 26657Note: If you're behind a router or firewall then you'll need to port forward on the network device.
This guide assumes you've already installed the latest version of secretd and SGX.
Choose a moniker for yourself, and replace
<MONIKER>with whatever name you like (could be some random string, or just how you like to name to node) below. This moniker is your public nickname of the node in the network.
secretd init <MONIKER> --chain-id secret-4
This will generate the following files in
wget -O ~/.secretd/config/genesis.json "https://github.com/scrtlabs/SecretNetwork/releases/download/v1.2.0/genesis.json"
# verify genesis.json checksum
echo "759e1b6761c14fb448bf4b515ca297ab382855b20bae2af88a7bdd82eb1f44b9 $HOME/.secretd/config/genesis.json" | sha256sum --check
mkdir -p /opt/secret/.sgx_secrets
The following commands will create the necessary environment variables and attempt to automatically register the node.
The attestation certificate should have been created by the previous step
ls -lh /opt/secret/.sgx_secrets/attestation_cert.der
Verify the certificate is valid. A 64-character registration key will be printed if it was successful.
PUBLIC_KEY=$(secretd parse /opt/secret/.sgx_secrets/attestation_cert.der 2> /dev/null | cut -c 3-)
secretd. Initially you'll be using the bootstrap node, as you'll need to connect to a running node and your own node is not running yet.
secretd config chain-id secret-4
secretd config node https://rpc.secret.express
secretd config output json
If you already have a wallet funded with
SCRT, you can import the wallet by doing the following:
secretd keys add <key-alias> --recover
Otherwise, you will need to set up a key. Make sure you back up the mnemonic and the keyring password.
secretd keys add <key-alias>
This will output your address, a 45 character-string starting with
- 1.Register your node on-chain
secretd tx register auth /opt/secret/.sgx_secrets/attestation_cert.der -y --from <key-alias>
2. Pull & check your node's encrypted seed from the network
SEED=$(secretd query register seed $PUBLIC_KEY | cut -c 3-)
3. Get additional network parameters
These are necessary to configure the node before it starts.
secretd query register secret-network-params
ls -lh ./io-master-key.txt ./node-master-key.txt
From here on, commands must be ran on the full node.
mkdir -p ~/.secretd/.node
secretd configure-secret node-master-key.txt $SEED
In order to be able to handle NFT minting and other Secret Contract-heavy operations, it's recommended to update your SGX memory enclave cache:
sed -i.bak -e "s/^contract-memory-enclave-cache-size *=.*/contract-memory-enclave-cache-size = \"15\"/" ~/.secretd/config/app.toml
0.1uscrtper gas unit:
perl -i -pe 's/^minimum-gas-prices = .+?$/minimum-gas-prices = "0.1uscrt"/' ~/.secretd/config/app.toml
Your node will not accept transactions that specify
--feeslower than the
minimun-gas-priceyou set here.
IAVL fast node must be disabled, otherwise the daemon will attempt to upgrade the database whil state sync is occuring.
sed -i.bak -e "s/^iavl-disable-fastnode *=.*/iavl-disable-fastnode = true/" $HOME/.secretd/config/app.toml
Note that the
secret-nodesystem file is created when installing sgx.
sudo systemctl enable secret-node
You are now a now ready to finally sync the full node. 🎉.
secretd tendermint show-node-id
And publish yourself as a node with this ID:
Be sure to point your CLI to your running node instead of the bootstrap node
secretcli config node tcp://localhost:26657
If someone wants to add you as a peer, have them add the above address to their persistent_peers in their ~/.secretd/config/config.toml.
And if someone wants to use your node from their secretcli then have them run:
secretcli config chain-id secret-4
secretcli config output json
secretcli config indent true
secretcli config node tcp://<your-public-ip>:26657
Last modified 1d ago