Установка и использование платформы
Примеры конфигурационных файлов ноды¶
node.conf¶
В этом примере конфигурации:
используется алгоритм консенсуса PoA;
используется вторая версия генезиса;
включена роль sender для участников сети (см. статью Роли участников);
включен майнинг для трех нод;
отключен TLS;
запущены инструменты gRPC и REST API без TLS, а также исполнение смарт-контрактов;
включена авторизация по хэшу ключевой строки api-key для gRPC и REST API;
используются методы privacy c БД PostgreSQL для хранения конфиденциальных данных;
функция периодического удаления невалидных транзакций из UTX-пула участника блокчейна, который не является майнером, настроена.
настроена задержка проверки UTX-пула (есть ли в пуле транзакции или он пуст) майнером.
Поля, значения которых вы получите при использовании пакета generators или настроите самостоятельно, исходя из конфигурации вашего оборудования и ПО, помечены как /FILL/
.
Каждая секция снабжена дополнительным комментарием.
node.conf:
node {
# Type of cryptography. The field is deprecated since v1.9.0, use 'node.crypto.type = waves | gost' instead.
waves-crypto = yes
crypto {
# Possible values: [WAVES, GOST]
type = WAVES
pki {
# Possible values: [OFF, ON, TEST]
# Can be enabled with GOST crypto type only
mode = OFF
required-oids = []
}
}
# Node owner address
owner-address = " /FILL/ "
# NTP settings
ntp.fatal-timeout = 5 minutes
# Node "home" and data directories to store the state
directory = "/node"
data-directory = "/node/data"
# Location and name of a license file
# license.file = ${node.directory}"/node.license"
wallet {
# Path to keystore.
file = "/node/keystore.dat"
# Access password
password = " /FILL/ "
}
# Blockchain settings
blockchain {
type = CUSTOM
fees.enabled = false
consensus {
type = "poa"
round-duration = "17s"
sync-duration = "3s"
ban-duration-blocks = 100
warnings-for-ban = 3
max-bans-percentage = 40
}
custom {
address-scheme-character = "E"
functionality {
feature-check-blocks-period = 1500
blocks-for-feature-activation = 1000
pre-activated-features = { 2 = 0, 3 = 0, 4 = 0, 5 = 0, 6 = 0, 7 = 0, 9 = 0, 10 = 0, 100 = 0, 101 = 0 }
}
# Mainnet genesis settings
genesis {
version: 2
sender-role-enabled: true
average-block-delay: 60s
initial-base-target: 153722867
# Filled by GenesisBlockGenerator
block-timestamp: 1573472578702
initial-balance: 16250000 WEST
# Filled by GenesisBlockGenerator
genesis-public-key-base-58: ""
# Filled by GenesisBlockGenerator
signature: ""
transactions = [
# Initial token distribution:
# - recipient: target's blockchain address (base58 string)
# - amount: amount of tokens, multiplied by 10e8 (integer)
#
# Example: { recipient: "3HQSr3VFCiE6JcWwV1yX8xttYbAGKTLV3Gz", amount: 30000000 WEST }
#
# Note:
# Sum of amounts must be equal to initial-balance above.
#
{ recipient: " /FILL/ ", amount: 1000000 WEST },
{ recipient: " /FILL/ ", amount: 1500000 WEST },
{ recipient: " /FILL/ ", amount: 500000 WEST },
]
network-participants = [
# Initial participants and role distribution
# - public-key: participant's base58 encoded public key;
# - roles: list of roles to be granted;
#
# Example: {public-key: "EPxkVA9iQejsjQikovyxkkY8iHnbXsR3wjgkgE7ZW1Tt", roles: [permissioner, miner, connection_manager, contract_developer, issuer]}
#
# Note:
# There has to be at least one miner, one permissioner and one connection_manager for the network to start correctly.
# Participants are granted access to the network via GenesisRegisterNodeTransaction.
# Role list could be empty, then given public-key will only be granted access to the network.
#
{ public-key: " /FILL/ ", roles: [permissioner, sender, miner, connection_manager, contract_developer, issuer]},
{ public-key: " /FILL/ ", roles: [miner, sender]},
{ public-key: " /FILL/ ", roles: []},
]
}
}
}
# Application logging level. Could be DEBUG | INFO | WARN | ERROR. Default value is INFO.
logging-level = DEBUG
tls {
# Supported TLS types:
# • EMBEDDED: Certificate is signed by node's provider and packed into JKS Keystore. The same file is used as a Truststore.
# Has to be manually imported into system by user to avoid certificate warnings.
# • DISABLED: TLS is fully disabled
type = DISABLED
# type = EMBEDDED
# keystore-path = ${node.directory}"/we_tls.jks"
# keystore-password = ${TLS_KEYSTORE_PASSWORD}
# private-key-password = ${TLS_PRIVATE_KEY_PASSWORD}
}
# P2P Network settings
network {
# Network address
bind-address = "0.0.0.0"
# Port number
port = 6864
# Enable/disable network TLS
tls = no
# ENUM: default or watcher
mode = default
# Peers network addresses and ports
# Example: known-peers = ["node-1.com:6864", "node-2.com:6864"]
known-peers = [ /FILL/ ]
# Node name to send during handshake. Comment this string out to set random node name.
# Example: node-name = "your-we-node-name"
node-name = " /FILL/ "
# How long the information about peer stays in database after the last communication with it
peers-data-residence-time = 2h
# String with IP address and port to send as external address during handshake. Could be set automatically if uPnP is enabled.
# Example: declared-address = "your-node-address.com:6864"
declared-address = "0.0.0.0:6864"
# Delay between attempts to connect to a peer
attempt-connection-delay = 5s
}
# New blocks generator settings
miner {
enable = yes
# Important: use quorum = 0 only for testing purposes, while running a single-node network;
# In other cases always set quorum > 0
quorum = 2
interval-after-last-block-then-generation-is-allowed = 10d
micro-block-interval = 5s
min-micro-block-age = 3s
max-transactions-in-micro-block = 500
minimal-block-generation-offset = 200ms
utx-check-delay = 100ms
}
# Nodes REST API settings
api {
rest {
# Enable/disable REST API
enable = yes
# Network address to bind to
bind-address = "0.0.0.0"
# Port to listen to REST API requests
port = 6862
# Enable/disable TLS for REST
tls = no
}
grpc {
# Enable/disable gRPC API
enable = yes
# Network address to bind to
bind-address = "0.0.0.0"
# Port to listen to gRPC API requests
port = 6865
# Enable/disable TLS for gRPC
tls = no
}
auth {
type: "api-key"
# Hash of API key string
# You can obtain hashes by running ApiKeyHash generator
api-key-hash: " /FILL/ "
# Hash of API key string for PrivacyApi routes
privacy-api-key-hash: " /FILL/ "
# Api-key hash string for ConfidentialContractsApi routes
confidential-contracts-api-key-hash = " /FILL/ "
}
}
#Settings for Privacy Data Exchange
privacy {
replier {
parallelism = 10
stream-timeout = 1 minute
stream-chunk-size = 1MiB
}
# Syncs private data.
synchronizer {
request-timeout = 2 minute
init-retry-delay = 5 seconds
inventory-stream-timeout = 15 seconds
inventory-request-delay = 3 seconds
inventory-timestamp-threshold = 10 minutes
crawling-parallelism = 100
max-attempt-count = 24
lost-data-processing-delay = 10 minutes
network-stream-buffer-size = 10
}
inventory-handler {
max-buffer-time = 500ms
max-buffer-size = 100
max-cache-size = 100000
expiration-time = 5m
replier-parallelism = 10
}
cache {
max-size = 100
expire-after = 10m
}
storage {
vendor = postgres
# for postgres vendor:
schema = "public"
migration-dir = "db/migration"
profile = "slick.jdbc.PostgresProfile$"
upload-chunk-size = 1MiB
jdbc-config {
url = "jdbc:postgresql://postgres:5432/node-1"
driver = "org.postgresql.Driver"
user = postgres
password = wenterprise
connectionPool = HikariCP
connectionTimeout = 5000
connectionTestQuery = "SELECT 1"
queueSize = 10000
numThreads = 20
}
# for s3 vendor:
# url = "http://localhost:9000/"
# bucket = "privacy"
# region = "aws-global"
# access-key-id = "minio"
# secret-access-key = "minio123"
# path-style-access-enabled = true
# connection-timeout = 30s
# connection-acquisition-timeout = 10s
# max-concurrency = 200
# read-timeout = 0s
# upload-chunk-size = 5MiB
}
service {
request-buffer-size = 10MiB
meta-data-accumulation-timeout = 3s
}
}
# Docker smart contracts settings
docker-engine {
# Docker smart contracts enabled flag
enable = yes
# For starting contracts in a local docker
use-node-docker-host = yes
default-registry-domain = "registry.wavesenterprise.com/waves-enterprise-public"
# Basic auth credentials for docker host
#docker-auth {
# username = "some user"
# password = "some password"
#}
# Optional connection string to docker host
docker-host = "unix:///var/run/docker.sock"
# Optional string to node REST API if we use remote docker host
# node-rest-api = "node-0"
# Execution settings
execution-limits {
# Contract execution timeout
timeout = 10s
# Memory limit in Megabytes
memory = 512
# Memory swap value in Megabytes (see https://docs.docker.com/config/containers/resource_constraints/)
memory-swap = 0
}
# Reuse once created container on subsequent executions
reuse-containers = yes
# Remove container with contract after specified duration passed
remove-container-after = 10m
# Remote registries auth information
remote-registries = []
# Check registry auth on node startup
check-registry-auth-on-startup = yes
# Contract execution messages cache settings
contract-execution-messages-cache {
# Time to expire for messages in cache
expire-after = 60m
# Max number of messages in buffer. When the limit is reached, the node processes all messages in batch
max-buffer-size = 10
# Max time for buffer. When time is out, the node processes all messages in batch
max-buffer-time = 100ms
#The interval after which invalid transactions (with Error status) are removed from the UTX pool of a non-miner node
utx-cleanup-interval = 1m
#The minimum number of transaction Error statuses received from other nodes, after which the transaction is removed from the UTX pool of a non-miner node
contract-error-quorum = 2
}
}
}
accounts.conf¶
В этом примере включено шифрование Waves Crypto, не используется PKI, используется стандартный идентифицирующий байт сети и отключена опция обновления keystore ноды для генерации 1 ключевой пары.
Пароль, который вам следует ввести самостоятельно, помечен как /FILL/
.
accounts.conf:
accounts-generator {
crypto {
type = WAVES
pki {
mode = OFF
required-oids = []
}
}
chain-id = T
amount = 5
wallet = ${user.home}"/node/wallet/wallet1.dat"
wallet-password = "/FILL/"
reload-node-wallet {
enabled = false
url = "http://localhost:6869/utils/reload-wallet"
}
}
api-key-hash.conf¶
В этом примере включено ГОСТ шифрование.
api-key-hash.conf:
apikeyhash-generator { crypto { type = GOST pki { mode = ON required-oids = ["1.2.3.4.5.6.7.8.9.10.11"] } } api-key = "some string for api-key" }
Дополнительные примеры¶
Дополнительные примеры конфигурационных файлов с комментариями приведены в официальном GitHub-репозитории Waves Enterprise.