Установка и использование платформы

Примеры конфигурационных файлов ноды

node.conf

В этом примере конфигурации:

  • используется алгоритм консенсуса PoA;

  • используется вторая версия генезиса;

  • включена роль sender для участников сети (см. статью Роли участников);

  • включен майнинг для трех нод;

  • отключен TLS;

  • запущены инструменты gRPC и REST API без TLS, а также исполнение смарт-контрактов;

  • включена авторизация по хэшу ключевой строки api-key для gRPC и REST API;

  • используются методы privacy c БД PostgreSQL для хранения конфиденциальных данных;

  • функция периодического удаления невалидных транзакций из UTX-пула участника блокчейна, который не является майнером, настроена.

  • настроена задержка проверки UTX-пула (есть ли в пуле транзакции или он пуст) майнером.

Поля, значения которых вы получите при использовании пакета generators или настроите самостоятельно, исходя из конфигурации вашего оборудования и ПО, помечены как /FILL/.

Каждая секция снабжена дополнительным комментарием.

node.conf:
node {
  # Type of cryptography. The field is deprecated since v1.9.0, use 'node.crypto.type = waves | gost' instead.
  waves-crypto = yes

  crypto {
    # Possible values: [WAVES, GOST]
    type = WAVES
    pki {
      # Possible values: [OFF, ON, TEST]
      # Can be enabled with GOST crypto type only
      mode = OFF
      required-oids = []
    }
  }

  # Node owner address
  owner-address = " /FILL/ "

  # NTP settings
  ntp.fatal-timeout = 5 minutes

  # Node "home" and data directories to store the state
  directory = "/node"
  data-directory = "/node/data"

  # Location and name of a license file
  # license.file = ${node.directory}"/node.license"

wallet {
  # Path to keystore.
  file = "/node/keystore.dat"

  # Access password
  password = " /FILL/ "
}

# Blockchain settings
blockchain {
  type = CUSTOM
  fees.enabled = false
  consensus {
    type = "poa"
    round-duration = "17s"
    sync-duration = "3s"
    ban-duration-blocks = 100
    warnings-for-ban = 3
    max-bans-percentage = 40
  }
  custom {
    address-scheme-character = "E"
    functionality {
      feature-check-blocks-period = 1500
      blocks-for-feature-activation = 1000
      pre-activated-features = { 2 = 0, 3 = 0, 4 = 0, 5 = 0, 6 = 0, 7 = 0, 9 = 0, 10 = 0, 100 = 0, 101 = 0 }
    }

    # Mainnet genesis settings
    genesis {
      version: 2
      sender-role-enabled: true
      average-block-delay: 60s
      initial-base-target: 153722867

      # Filled by GenesisBlockGenerator
      block-timestamp: 1573472578702

      initial-balance: 16250000 WEST

      # Filled by GenesisBlockGenerator
      genesis-public-key-base-58: ""

      # Filled by GenesisBlockGenerator
      signature: ""

      transactions = [
          # Initial token distribution:
          # - recipient: target's blockchain address (base58 string)
          # - amount: amount of tokens, multiplied by 10e8 (integer)
          #
          #     Example: { recipient: "3HQSr3VFCiE6JcWwV1yX8xttYbAGKTLV3Gz", amount: 30000000 WEST }
          #
          # Note:
          #   Sum of amounts must be equal to initial-balance above.
          #
        { recipient: " /FILL/ ", amount: 1000000 WEST },
        { recipient: " /FILL/ ", amount: 1500000 WEST },
        { recipient: " /FILL/ ", amount: 500000 WEST },
      ]
      network-participants = [
          # Initial participants and role distribution
          # - public-key: participant's base58 encoded public key;
          # - roles: list of roles to be granted;
          #
          #     Example: {public-key: "EPxkVA9iQejsjQikovyxkkY8iHnbXsR3wjgkgE7ZW1Tt", roles: [permissioner, miner, connection_manager, contract_developer, issuer]}
          #
          # Note:
          #   There has to be at least one miner, one permissioner and one connection_manager for the network to start correctly.
          #   Participants are granted access to the network via GenesisRegisterNodeTransaction.
          #   Role list could be empty, then given public-key will only be granted access to the network.
          #
        { public-key: " /FILL/ ", roles: [permissioner, sender, miner, connection_manager, contract_developer, issuer]},
        { public-key: " /FILL/ ", roles: [miner, sender]},
        { public-key: " /FILL/ ", roles: []},
      ]
    }
  }
}

# Application logging level. Could be DEBUG | INFO | WARN | ERROR. Default value is INFO.
logging-level = DEBUG

tls {
  # Supported TLS types:
  # • EMBEDDED: Certificate is signed by node's provider and packed into JKS Keystore. The same file is used as a Truststore.
  #             Has to be manually imported into system by user to avoid certificate warnings.
  # • DISABLED: TLS is fully disabled
  type = DISABLED

  # type = EMBEDDED
  # keystore-path = ${node.directory}"/we_tls.jks"
  # keystore-password = ${TLS_KEYSTORE_PASSWORD}
  # private-key-password = ${TLS_PRIVATE_KEY_PASSWORD}
}

# P2P Network settings
network {
  # Network address
  bind-address = "0.0.0.0"
  # Port number
  port = 6864
  # Enable/disable network TLS
  tls = no

  # ENUM: default or watcher
  mode = default

  # Peers network addresses and ports
  #   Example: known-peers = ["node-1.com:6864", "node-2.com:6864"]
  known-peers = [  /FILL/  ]

  # Node name to send during handshake. Comment this string out to set random node name.
  #   Example: node-name = "your-we-node-name"
  node-name = " /FILL/ "

  # How long the information about peer stays in database after the last communication with it
  peers-data-residence-time = 2h

  # String with IP address and port to send as external address during handshake. Could be set automatically if uPnP is enabled.
  #   Example: declared-address = "your-node-address.com:6864"
  declared-address = "0.0.0.0:6864"

  # Delay between attempts to connect to a peer
  attempt-connection-delay = 5s
}

# New blocks generator settings
miner {
  enable = yes
  # Important: use quorum = 0 only for testing purposes, while running a single-node network;
  # In other cases always set quorum > 0
  quorum = 2
  interval-after-last-block-then-generation-is-allowed = 10d
  micro-block-interval = 5s
  min-micro-block-age = 3s
  max-transactions-in-micro-block = 500
  minimal-block-generation-offset = 200ms
  utx-check-delay = 100ms
}

# Nodes REST API settings
api {
  rest {
    # Enable/disable REST API
    enable = yes

    # Network address to bind to
    bind-address = "0.0.0.0"

    # Port to listen to REST API requests
    port = 6862

    # Enable/disable TLS for REST
    tls = no
  }

  grpc {
    # Enable/disable gRPC API
    enable = yes

    # Network address to bind to
    bind-address = "0.0.0.0"

    # Port to listen to gRPC API requests
    port = 6865

    # Enable/disable TLS for gRPC
    tls = no
  }

  auth {
    type: "api-key"

    # Hash of API key string
    # You can obtain hashes by running ApiKeyHash generator
    api-key-hash: " /FILL/ "

    # Hash of API key string for PrivacyApi routes
    privacy-api-key-hash: " /FILL/ "

    # Api-key hash string for ConfidentialContractsApi routes
    confidential-contracts-api-key-hash = " /FILL/ "
  }
}

#Settings for Privacy Data Exchange
privacy {

  replier {
    parallelism = 10
    stream-timeout = 1 minute
    stream-chunk-size = 1MiB
  }

  # Syncs private data.
  synchronizer {
    request-timeout = 2 minute
    init-retry-delay = 5 seconds
    inventory-stream-timeout = 15 seconds
    inventory-request-delay = 3 seconds
    inventory-timestamp-threshold = 10 minutes
    crawling-parallelism = 100
    max-attempt-count = 24
    lost-data-processing-delay = 10 minutes
    network-stream-buffer-size = 10
  }

  inventory-handler {
    max-buffer-time = 500ms
    max-buffer-size = 100
    max-cache-size = 100000
    expiration-time = 5m
    replier-parallelism = 10
  }

  cache {
    max-size = 100
    expire-after = 10m
  }

  storage {
    vendor = postgres

    # for postgres vendor:
    schema = "public"
    migration-dir = "db/migration"
    profile = "slick.jdbc.PostgresProfile$"
    upload-chunk-size = 1MiB
    jdbc-config {
                     url = "jdbc:postgresql://postgres:5432/node-1"
                     driver = "org.postgresql.Driver"
               user = postgres
                     password = wenterprise
                     connectionPool = HikariCP
                     connectionTimeout = 5000
                     connectionTestQuery = "SELECT 1"
                     queueSize = 10000
                     numThreads = 20
                  }

    # for s3 vendor:
    # url = "http://localhost:9000/"
    # bucket = "privacy"
    # region = "aws-global"
    # access-key-id = "minio"
                  # secret-access-key = "minio123"
                  # path-style-access-enabled = true
                  # connection-timeout = 30s
                  # connection-acquisition-timeout = 10s
                  # max-concurrency = 200
                  # read-timeout = 0s
    # upload-chunk-size = 5MiB
  }

  service {
    request-buffer-size = 10MiB
    meta-data-accumulation-timeout = 3s
  }
}


# Docker smart contracts settings
docker-engine {
  # Docker smart contracts enabled flag
  enable = yes

  # For starting contracts in a local docker
  use-node-docker-host = yes

  default-registry-domain = "registry.wavesenterprise.com/waves-enterprise-public"
  # Basic auth credentials for docker host
   #docker-auth {
   #  username = "some user"
   #  password = "some password"
   #}

  # Optional connection string to docker host
   docker-host = "unix:///var/run/docker.sock"

  # Optional string to node REST API if we use remote docker host
  # node-rest-api = "node-0"

  # Execution settings
  execution-limits {
    # Contract execution timeout
    timeout = 10s
    # Memory limit in Megabytes
    memory = 512
    # Memory swap value in Megabytes (see https://docs.docker.com/config/containers/resource_constraints/)
    memory-swap = 0
  }

  # Reuse once created container on subsequent executions
  reuse-containers = yes

  # Remove container with contract after specified duration passed
  remove-container-after = 10m

  # Remote registries auth information
  remote-registries = []

  # Check registry auth on node startup
  check-registry-auth-on-startup = yes

  # Contract execution messages cache settings
  contract-execution-messages-cache {
    # Time to expire for messages in cache
    expire-after = 60m
    # Max number of messages in buffer. When the limit is reached, the node processes all messages in batch
    max-buffer-size = 10
    # Max time for buffer. When time is out, the node processes all messages in batch
    max-buffer-time = 100ms
    #The interval after which invalid transactions (with Error status) are removed from the UTX pool of a non-miner node
    utx-cleanup-interval = 1m
    #The minimum number of transaction Error statuses received from other nodes, after which the transaction is removed from the UTX pool of a non-miner node
    contract-error-quorum = 2
  }
 }
}

accounts.conf

В этом примере включено шифрование Waves Crypto, не используется PKI, используется стандартный идентифицирующий байт сети и отключена опция обновления keystore ноды для генерации 1 ключевой пары.

Пароль, который вам следует ввести самостоятельно, помечен как /FILL/.

accounts.conf:
accounts-generator {
  crypto {
    type = WAVES
    pki {
      mode = OFF
      required-oids = []
    }
  }
  chain-id = T
  amount = 5
  wallet = ${user.home}"/node/wallet/wallet1.dat"
  wallet-password = "/FILL/"
  reload-node-wallet {
    enabled = false
    url = "http://localhost:6869/utils/reload-wallet"
  }
}

api-key-hash.conf

В этом примере включено ГОСТ шифрование.

api-key-hash.conf:
apikeyhash-generator {
  crypto {
    type = GOST
    pki {
        mode = ON
        required-oids = ["1.2.3.4.5.6.7.8.9.10.11"]
    }
  }
  api-key = "some string for api-key"
}

Дополнительные примеры

Дополнительные примеры конфигурационных файлов с комментариями приведены в официальном GitHub-репозитории Waves Enterprise.

Смотрите также