This guide is an updated version of the testnet guide made by Markus.
System Requirements
Minimum Hardware
-
4 CPU
-
Memory: 8GB
-
Disk: 512GB SSD
-
OS: Debian 64-bit
-
Bandwidth: 20Mbps
-
Allow all incoming connections on TCP port 8550 and 8555
Rent a VPS/dedicated Server or use your own hardware:
System Configuration
Log in to your Server
Log in to your system as the root user:
- Windows (tutorial)
Download PuTTYgen
- Mac/Linux (tutorial)
Open a Terminal and type in the following command:
ssh root@server_ip_address
Dont’forget to replace server_ip_address by your server’s ip.
Install Prerequisites
Copy and Paste each line into your Shell and press ENTER . Some may already be installed, in this case proceed with the next one.
apt update && sudo apt upgrade -y
apt install curl -y
apt install sudo -y
apt install gcc g++ make -y
apt install git -y
apt install screen -y
apt install nano -y
apt install npm -y
apt install jq -y
apt install ufw -y
apt install fail2ban -y
apt install build-essential -y
curl -sL https://deb.nodesource.com/setup_12.x | bash -
apt install nodejs -y
npm install -g pm2 -y
timedatectl set-timezone UTC
Configure Firewall
ufw allow ssh/tcp
ufw limit ssh/tcp
ufw allow 8550/tcp
ufw allow 8550/udp
ufw allow 8555/tcp
ufw allow 8555/udp
ufw logging on
Warning: Please double check that you allow ssh/tcp which is the SSH Port, otherwise you will not be able to access your server after enabling your Firewall.
Enable the Firewall:
ufw enable
//Output
Command may disrupt existing ssh connections. Proceed with operation (y|n)?
Confirm with y
.
//Output
Firewall is active and enabled on system startup
Verify that all rules have been been created successfully:
ufw status
//Output
To Action From
-- ------ ----
22/tcp LIMIT Anywhere
8555/tcp ALLOW Anywhere
8555/udp ALLOW Anywhere
8550/tcp ALLOW Anywhere
8550/udp ALLOW Anywhere
22/tcp (v6) LIMIT Anywhere (v6)
8555/tcp (v6) ALLOW Anywhere (v6)
8555/udp (v6) ALLOW Anywhere (v6)
8550/tcp (v6) ALLOW Anywhere (v6)
8550/udp (v6) ALLOW Anywhere (v6)
Enable fail2ban
Fail2ban scans log files (e.g. /var/log/apache/error_log) and bans IPs that show the malicious signs too many password failures, seeking for exploits, etc. Generally Fail2Ban is then used to update firewall rules to reject the IP addresses for a specified amount of time.
Enable fail2ban:
service fail2ban start
Create a Sudo User
Don’t forget to replace username with the user name that you want to create:
apt install sudo -y
adduser username
usermod -aG sudo username
You will be prompted to set and confirm the new user password. Make sure that the password for the new account is as strong as possible.
//Output
Adding user `intchain' ...
Adding new group `intchain' (1000) ...
Adding new user `intchain' (1000) with group `intchain' ...
Creating home directory `/home/intchain' ...
Copying files from `/etc/skel' ...
New password:
Retype new password:
passwd: password updated successfully
Once you set the password the command will create a home directory for the user, copy several configuration files in the home directory, and prompts you to set the new user’s information. If you want to leave all of this information blank just press ENTER
to accept the defaults.
Changing the user information for intchain
Enter the new value, or press ENTER for the default
Full Name []:
Room Number []:
Work Phone []:
Home Phone []:
Other []:
Is the information correct? [Y/n]
Switch User
Switch to the newly created user. Don’t forget to replace username with the user name that you created in the last step:
su - username
Configure pm2
PM2 is a production process manager for applications. It allows you to keep applications alive forever,to stop or to reload them.
Add pm2 as a service so that it automatically starts with your system:
pm2 startup systemd
Execute this command as sudo to finish the configuration. Don’t forget to replace username two times:
sudo env PATH=$PATH:/usr/bin /usr/lib/node_modules/pm2/bin/pm2 startup systemd -u USERNAME --hp /home/USERNAME
Install
Install Golang
Go 1.12.5+ is required for building and installing the INT Chain software.
Download the official binary distribution for Linux:
wget https://dl.google.com/go/go1.14.3.linux-amd64.tar.gz
Extract it into /usr/locale:
sudo tar -C /usr/local -xzvf go1.14.3.linux-amd64.tar.gz
Note: You will be prompted for the password of your newly created user because you use sudo. Sudo is a command under Unix and unix-like operating systems like Linux or macOS that is used to start processes with the rights of another user (e.g. the superuser root).
Set your $GOPATH , $GOBIN and $PATH environment variables:
mkdir -p $HOME/go/bin
echo "export GOPATH=$HOME/go" >> ~/.profile
echo "export GOBIN=$HOME/go/bin" >> ~/.profile
echo "export PATH=$PATH:$HOME/go/bin:/usr/local/go/bin" >> ~/.profile
source ~/.profile
Verify that go has been installed successfully:
go version
//Output
go version go1.14.3 linux/amd64
Install intchain
Clone the source code of intchain:
cd ~
git clone https://github.com/intfoundation/intchain
Compile intchain:
cd ~/intchain/
make intchain
Verify that intchain has been installed successfully:
intchain version
//Output
Chain: intchain
Version: 4.0.2-unstable
Architecture: amd64
Protocol Versions: [65 64 63]
Go Version: go1.14.3
Operating System: linux
GOPATH=/home/intchain/go
GOROOT=/usr/local/go
Start intchain
pm2 start ~/go/bin/intchain --name "mainnet" -- --rpc --rpcapi personal,int,net,web3 --rpcport 8555
Save the pm2 process list:
pm2 save
Verify that your node started to sync the blockchain:
pm2 log 0
You should not get any error messages and your node should start downloading blocks:
//Output
0|intchain | INFO [05-24|17:52:55.636] Loaded most recent local header number=0 hash=37bbcf...f584
0|intchain | INFO [05-24|17:52:55.636] Loaded most recent local full block number=0 hash=37bbcf...f584
0|intchain | INFO [05-24|17:52:55.636] Loaded most recent local fast block number=0 hash=37bbcf...f584
0|intchain | INFO [05-24|17:52:55.636] Regenerated local transaction journal transactions=0 accounts=0
0|intchain | INFO [05-24|17:52:55.636] IPBFT SetBroadcaster: 0xc0000a6ea0
0|intchain | INFO [05-24|17:52:55.636] IPBFT backend protocol
0|intchain | INFO [05-24|17:52:55.640] Allocated cache and file handles database=/home/intchain/.
0|intchain | INFO [05-24|17:52:55.645] Starting P2P networking
0|intchain | INFO [05-24|17:52:57.755] UDP listener up self=enode://b3bd3a267b10
0|intchain | INFO [05-24|17:52:57.756] RLPx listener up self=enode://b3bd3a267b10
0|intchain | INFO [05-24|17:52:57.756] Start Chain: testnet
0|intchain | INFO [05-24|17:52:57.759] IPC endpoint opened url=/home/intchain/.intch
0|intchain | INFO [05-24|17:52:57.760] Before load child chains, child chain IDs are [], len is 0
0|intchain | INFO [05-24|17:52:57.760] Number of child chain to be loaded :0
0|intchain | INFO [05-24|17:52:57.760] Start to load child chain: map[]
0|intchain | INFO [05-24|17:52:58.994] peer 6a3ef5c6881ccca6 added
0|intchain | INFO [05-24|17:53:07.757] Block synchronisation started
0|intchain | INFO [05-24|17:53:09.170] IPBFT backend verify headers
0|intchain | INFO [05-24|17:53:09.178] BlockChain insert block number 1, hash: 768cde9b61db2
Wait until the whole blockchain has been downloaded.
To close the log press Ctrl + C.
Limiting Log Files Disk Space
Unfortunately pm2 doesn’t limit the size of the log files. This can lead to a full disk and being unable to validate new blocks. These commands limit the size of the log files to ~1GB in total.
pm2 install pm2-logrotate
pm2 set pm2-logrotate:max_size 100M
pm2 set pm2-logrotate:retain 10
pm2 set pm2-logrotate:compress true
pm2 flush
pm2 save
Registration Process
Info: Your node needs to be fully synced to proceed, otherwise you won’t be able to interact with the intchain command line interface (CLI). To verify that you are synced use the aforementioned command : pm2 log 0.
Create a Wallet
You can create a new wallet or import an existing one:
intchain account new
//Output
Your new account is locked with a password. Please give a password. Do not forget this password
You will be prompted to set and confirm the new wallet password. Make sure that the password for the new account is as strong as possible.
Warning: Backup your password!
//Output
Address: {0xa09cdC55de986B2036696902d5Bf1409f5bF12D1}
List Accounts
intchain account list
//Output
Account #0:{0xa09cdC55de986B2036696902d5Bf1409f5bF12D1} keystore:///home/username/.intchain/intchain/keystore/UTC--2021-08-24T21-02-02.525094718Z--0xa09cdC55de986B2036696902d5Bf1409f5bF12D1
You also get the location of your keystore file: /home/username/.intchain/intchain/keystore/UTC–2021-08-24T21-02-02.525094718Z–0xa09cdC55de986B2036696902d5Bf1409f5bF12D1
Warning: Backup your keystore file!
Create BLS keys
Don’t forget to replace the 0xa09cdC55de986B2036696902d5Bf1409f5bF12D1 with your own wallet address.
Create BLS key:
intchain create-validator 0xa09cdC55de986B2036696902d5Bf1409f5bF12D1
Once you create a BLS Key, it will create a priv_validator.json file located at ~/.intchain/intchain/priv_validator.json
Warning: Backup your priv_validator.json file! You also need the information in that file to proceed and to restore your node if needed.
{
"address": "0xa09cdC55de986B2036696902d5Bf1409f5bF12D1",
"consensus_priv_key": [
4,
"226BD35946EA2D4CB341DE4DD503F59905A435B57009FBF4E9983CA8B2BAD1F8"
],
"consensus_pub_key": [
4,
"42E9FA0F8DE302BA54A2BBF5A286B2262D281CD92164AB562583DCD35B664D20845F8525D0B2FB567700644D9C9302F290C3492CFDDDAEB132DFFCD3ADF05F1F409DD6D1B676E6A70E9D7DAAA9E1CFDD2AD9C1ED4F216070D988F83FC0204D19424768D35B664F1A4172F80371B87C89341E18E4014B67B246749DA9D7DF8B3B4”
]
}
Sign Address
Sign the address with BLS private key, return the BLS signature to proof you are the owner of the BLS public key.
You need:
-
Wallet Address
0xa09cdC55de986B2036696902d5Bf1409f5bF12D1 in this example -
BLS Private Key
consensus_priv_key from your ~/.intchain/intchain/priv_validator.json file
Tip: Get your consensus_priv_key with:
cat ~/.intchain/intchain/priv_validator.json
Warning: You have to add the string 0x before your consensus_priv_key
Sign your address:
curl -X POST --data '{"jsonrpc":"2.0","method":"int_signAddress","params":["0xa09cdC55de986B2036696902d5Bf1409f5bF12D1", "0x226BD35946EA2D4CB341DE4DD503F59905A435B57009FBF4E9983CA8B2BAD1F8"],"id":1}' -H 'content-type: application/json;' http://localhost:8555
//Output
{"jsonrpc":"2.0","id":1,"result":"0x77d81859783226eb1dd5193484b8ea0a77c947bc1b3b225194c5e4ddc064e5455b30c7c5a05879b70f32bb44c6cb192d63c1ccaec8b2817b1b9e18cee8749e4b"}
Warning: You need the string of your result to register your node.
In this example it is:
0x77d81859783226eb1dd5193484b8ea0a77c947bc1b3b225194c5e4ddc064e5455b30c7c5a05879b70f32bb44c6cb192d63c1ccaec8b2817b1b9e18cee8749e4b
Unlock Wallet
Decrypts the key with the given address from the key store. Don’t forget to replace the wallet “0xa09cdC55de986B2036696902d5Bf1409f5bF12D1” and “Password” with your own wallet address + keystore password and keep the quotation marks. This is the password you set when you created the wallet.
curl -X POST --data '{"jsonrpc":"3.0","method":"personal_unlockAccount","params":["0xa09cdC55de986B2036696902d5Bf1409f5bF12D1", "PASSWORD", 3600],"id":1}' -H 'content-type: application/json;' http://localhost:8555
//Output
{"jsonrpc":"2.0","id":1,"result":true}
You recieve “result”: true if it was successful.
Register as a Validator
You need:
-
Wallet Address
0xa09cdC55de986B2036696902d5Bf1409f5bF12D1 -
Register Amount (1 000 000 INT)
0xD3C21BCECCEDA1000000 -
BLS public key
consensus_pub_key from your ~/.intchain/intchain/priv_validator.json file -
Signature
Output of Sign Address -
Commission
10
curl -X POST --data '{"jsonrpc":"2.0","method":"int_register","params":["0xa09cdC55de986B2036696902d5Bf1409f5bF12D1", "0xD3C21BCECCEDA1000000", "42E9FA0F8DE302BA54A2BBF5A286B2262D281CD92164AB562583DCD35B664D20845F8525D0B2FB567700644D9C9302F290C3492CFDDDAEB132DFFCD3ADF05F1F409DD6D1B676E6A70E9D7DAAA9E1CFDD2AD9C1ED4F216070D988F83FC0204D19424768D35B664F1A4172F80371B87C89341E18E4014B67B246749DA9D7DF8B3B4","0x77d81859783226eb1dd5193484b8ea0a77c947bc1b3b225194c5e4ddc064e5455b30c7c5a05879b70f32bb44c6cb192d63c1ccaec8b2817b1b9e18cee8749e4b", 10],"id":1}' -H 'content-type: application/json;' http://localhost:8555
//Output
{"jsonrpc":"2.0","id":1,"result":"0xb0b72c93e315133e9573219333c0a60de146398dff5bf8ba2c90dcc5c3391b7c"}
Check Validator
Visit Titansexplorer
- A TxType: Register should appear when you search for your hash from the previous registration output: 0xb0b72c93e315133e9573219333c0a60de146398dff5bf8ba2c90dcc5c3391b7c
Verify on Validators
-
Your node address should be in the “Candidate” tab.
-
If you have enough votes to be in the top 25 validators, your node should be listed in the “Validators” tab when the current epoch has ended (~2 hours max).
Edit Your Validator
This will allow you to set a name and a logo to your node. You can also add a website and some details.
Configure Keybase
-
Download Keybase and create an account.
-
Upload your logo as your Keybase account’s avatar
-
Add a PGP key to your Keybase account (you should see this option after sign-up), and you will get a 16-digit string. You need this 16-digit string to edit you validator.
Unlock your wallet
curl -X POST --data '{"jsonrpc":"3.0","method":"personal_unlockAccount","params":["ADDRESS", "PASSWORD", 3600],"id":1}' -H 'content-type: application/json;' http://localhost:8555
//Output
{"jsonrpc":"2.0","id":1,"result":true}
Edit Validator
You need:
-
Wallet Address
0xa09cdC55de986B2036696902d5Bf1409f5bF12D1 -
Validator Name
Don Quijote -
The validator website
Can be left blank with“”
-
Keybase PGP key
4EBD51E368J1726A -
Validator Details
Can be left blank with“”
curl -X POST --data '{"jsonrpc":"2.0","method":"int_editValidator","params":["0xa09cdC55de986B2036696902d5Bf1409f5bF12D1", "Don Quijote", "", "4EBD51E368J1726A", ""],"id":1}' -H 'content-type: application/json;' http://localhost:8555
//Output
{"jsonrpc":"2.0","id":1,"result":"0x30a555d3707e03da13680228d076d996d4f32ff533d69f565dc13587333e45bb"}
For more information go to: https://titansdocs.intchain.io/