Run Nodes

In this section, you’ll get information on running a Pocket node.

These details are mostly for “intermediate” node runners, who are familiar with running full nodes and have the knowledge required to avoid getting lost. If you would like a more beginner’s tutorial, visit Zero To Node. You may also want to explore node-hosting services.

Want to understand the economics of running a node before you dive in? Read about Node Economics.

Read our guide to decide whether you want your nodes to be operated with custodial staking or non-custodial staking.

For a no-frills guide to commands, you should head over to Pocket Core on GitHub.

Environment Setup

This section will detail the hardware and software needed to run a Pocket node.

Hardware

Hardware Requirements: 4 CPU’s (or vCPU’s) | 16 GB RAM | 200GB Disk

Info

These are just the hardware requirements for your Pocket node. You’ll also need to run the full nodes of other blockchains, which may have their own hardware requirements that surpass Pocket’s.

Software

There are three ways to install the software you need to run Pocket Network.

Source

Install your dependencies

Create source code directory

mkdir -p $GOPATH/src/github.com/pokt-network && cd $GOPATH/src/github.com/pokt-network

Download the source code

git clone https://github.com/pokt-network/pocket-core.git && cd pocket-core

Checkout the latest release

git checkout tags/<release tag>
git checkout tags/RC-0.8.2

Make sure you have $GOPATH setup

echo $GOPATH
/Users/<your username>/go

Build your binary and put it in the $GOPATH/bin directory

go build -o <$GOPATH/bin directory> <source code directory>/...
go build -o $GOPATH/bin/pocket $GOPATH/src/github.com/pokt-network/pocket-core/app/cmd/pocket_core/main.go

Test your installation

pocket version
> RC-0.8.2
Info

Check your version number against the latest release here.

Homebrew

Install your dependencies

Install using Homebrew

brew tap pokt-network/pocket-core && brew install pokt-network/pocket-core/pocket

Test your installation

pocket version
> RC-0.8.2

Docker

See pokt-network/pocket-core-deployments

Environment

  • Reverse Proxy: For SSL termination and request management
  • Ports: Expose Pocket RPC (Default :8081) and P2P port (Default: 26656)
  • SSL Cert: Required for Validator’s serviceURI

Set your Open Files Limit

ulimit -Sn 16384
Warning

This Open Files Limit is set based on the standard config provided with Pocket Core in <datadir>/config/config.json. If you modify your config, you will need to ensure that you modify your Open Files Limit too, according to the formula below.

The required ulimit can be calculated using this formula:

({ulimit -Sn} >= {MaxNumInboundPeers} + {MaxNumOutboundPeers} + {GRPCMaxOpenConnections} + {MaxOpenConnections} + {Desired Concurrent Pocket RPC connections} + {100 (Constant number of wal, db and other open files)}

Secure your Server

Make sure the server that hosts your node is protected by up-to-date anti-virus and anti-malware software. Protect your node with a firewall but make sure to maintain login access for yourself and keep the above ports open.

Node Setup

Deploy Your Validator & Full Nodes

Create an account

An account is needed to participate at any level of the network.

pocket accounts create
> Enter Passphrase
> Account generated successfully:
> Address: <address>
Info

Alternatively, you can create your account using the Wallet app, then use the encrypted import command to import the account into your node environment:

pocket accounts import-armored </path/to/ppk.json>

Backup the account

Backup your private key to an encrypted and ASCII armored json file, to the specified --path , using the secure export command. After you hit enter, you will be prompted for the decrypt passphrase and an encryption passphrase for the exported account. You will also have the option to add a hint to help remember your passphrase.

pocket accounts export <address> --path <path>
pocket accounts export 59f08710afbad0e20352340780fdbf4e47622a7c --path /$HOME/super-secret-dir
Warning

Do not use your node’s account as your personal account address. Since the node’s private key is stored in plaintext on the server, the key is as secure as your server is. Regularly sweep your node’s rewards and transfer them to a more secure account stored offline.

Learn more about securely managing your POKT accounts.

Fund the account

To stake a Validator in Pocket Network, the account must have a balance above the minimum stake:

15,000 POKT or 15,000,000,000 uPOKT

The absolute minimum node stake (15,000 POKT) is not practical for real-world usage. 15,100 is a reasonable buffer against operational slashes which can occur on seemingly properly configured nodes as well as misconfigured and misbehaving ones.

Send POKT with the following command:

pocket accounts send-tx <fromAddr> <toAddr> <uPOKT amount> mainnet 10000 ""

You won’t be able to send POKT using your CLI until you have a Validator set up. Until then, you can use the Wallet app.

If you’re using the testnet, you can fund your account using the Testnet Faucet.

Set the account as Validator

pocket accounts set-validator <address>
Info

Check that it worked with pocket accounts get-validator

Set Relay Chains

A Relay Chain is the blockchain that Validators are running full nodes for in service of Applications. Apps access Relay Chains through the serviceURI, the endpoint where Validators publicly expose the Pocket API.

pocket util generate-chains
> Enter the chain of the network identifier:
<Relay Chain ID> (Example: 0001)
> Enter the URL of the network identifier:
<Secure URL to Relay Chain>
Would you like to enter another network identifier? (y/n)
n
Info

RelayChainIDs can be found here.

Setup the Genesis Configuration File

Genesis files can be found here:

The appropriate genesis file should be placed at $HOME/.pocket/config/genesis.json

mkdir -p "$HOME"/.pocket/config
curl -o "$HOME"/.pocket/config/genesis.json https://raw.githubusercontent.com/pokt-network/pocket-network-genesis/master/mainnet/genesis.json
mkdir -p "$HOME"/.pocket/config
curl -o "$HOME"/.pocket/config/genesis.json https://raw.githubusercontent.com/pokt-network/pocket-network-genesis/master/testnet/genesis.json

Test your node

Test that your node is configured correctly by simulating a relay.

pocket start --simulateRelay

Then send a curl request to your validator URL http://<your node>:<your pocket rpc port>/v1/client/sim to test if your node responds.

curl -X POST --data '{"relay_network_id":"<relay chain ID from chains.json>","payload":{"data":"{\"jsonrpc\":\"2.0\",\"method\":\"eth_getBalance\",\"params\":[\"0xe7a24E61b2ec77d3663ec785d1110688d2A32ecc\", \"latest\"],\"id\":1}","method":"POST","path":"","headers":{}}}' <your node URL>:8081/v1/client/sim

200 OK – your transaction has gone through

400 Bad Request – you either have incorrect/missing parameters in the request or bad formatting in the data field

Finally, stop your node. If you don’t, you’ll be leaving –simulateRelay running, which means anyone will have unfiltered access to your node.

Download the Latest Snapshot

Downloading from the latest snapshot will drastically shorten the time it takes to sync the blockchain. The easiest way is by downloading with wget and extracting the archive as it downloads.

mkdir -p "$HOME"/.pocket/data
wget -qO- https://snapshot.nodes.pokt.network/latest.tar.gz | tar -xz -C "$HOME"/.pocket/data

Other options for downloading the latest snapshot can be found in the pocket-snapshotter repo.

Sync the blockchain

pocket start --seeds=<seeds> --mainnet
pocket start --seeds="64c91701ea98440bc3674fdb9a99311461cdfd6f@node1.mainnet.pokt.network:21656" --mainnet

See the section on seeds for more details.

Warning

Ensure the node is all the way synced before proceeding to the next step.

Stake the Validator

Stake the account to participate in the Network as a Validator. Staking a Validator locks up POKT tokens that can be burned as a security mechanism for bad acting.

pocket nodes stake custodial <address> <amount> <relay_chains> <serviceURI> mainnet 10000 false
pocket nodes stake custodial 3ee61299d5bbbd2974cddcc194d9b547c7629546 20000000000 0001,0002 https://pokt.rocks:443 mainnet 10000 true

You should leave 1 POKT liquid (unstaked) to pay the transaction fees for your node’s claim and proof transactions.

All node runners must always maintain a liquid (unstaked) balance of at least 0.02 POKT in order to submit the claim and proof transactions (which each have a transaction fee of 0.01 POKT) that generate their rewards. If a node successfully submits both the claim and proof, they will earn enough POKT to submit the next claims and proofs, and so on. However, if a node falls below a liquid balance of 0.02 POKT, their revenue will be halted.

Claim transactions have 3 sessions, the ClaimSubmissionWindow, to be successfully submitted after the conclusion of the session in which the work was done, otherwise they are lost. If a claim transaction fails, Pocket Core will auto-repeat the transaction once in each new session, until the claim is lost. This means your node will automatically take 3 attempts to submit the claim. There is a claim submission window because the global secret key that determines the required proof leaf is revealed once that window closes. Extending the claim submission window would delay the time at which the corresponding proof can be sent and rewards earned.

If you manage to successfully submit the claim transaction, you then have 120 blocks, the ClaimExpiration period, to submit the corresponding proof transaction, otherwise the pending claim expires. There is a claim expiration date because otherwise the claims would remain in the state and bloat the blockchain.

Warning

Bad Behavior Warning: Pre-staking

Pre-staking is the act of a node runner staking on a RelayChainID prior to spinning up the RelayChain node. This behavior has an extremely negative impact on the quality of service for new chains due to apps being matched in sessions with Pocket nodes that don’t actually have RelayChain nodes connected to them. If you do this, your node will be challenged and slashed. You should always deploy your RelayChain node and simulate relays before staking your Pocket node for the RelayChainID.

If your stake falls below 15,000 POKT your node will be force-unstake burned. We recommend having a buffer above the 15,000 minimum (e.g. 15,100-16,000) so that minor slashing doesn’t result in loss of the entire stake.

** Achievement Unlocked**

If you staked your node successfully, you just earned your first trophy, which can help you ultimately earn a vote in the DAO. Learn more about how to claim your vote.

Upgrade Your Node

Release-specific Changes

Each release may have specific modifications you need to make. This is just a general guideline for the steps you’ll typically take to upgrade your node. Check the release notes for release-specific details.

1. Shutdown Pocket Core

Stop your Pocket Core instance running by submitting the shutdown command.

pocket stop
Warning

Once you shutdown Pocket Core, you will have 4 blocks (60 minutes) to complete the upgrade and start Pocket Core again before your node gets jailed for downtime.

2. Backup Your Blockchain Data

Backing up your blockchain data will ensure a faster resync when you restart your node.

Navigate inside your $HOME/.pocket/ dir and save data/ (the entire directory):

cp -r ~/.pocket/data ~/backup/data

In the event of a corrupted database you can delete the bad data rm -r ~/.pocket/data and replace it with your backup cp -r ~/backup/data ~/.pocket/data.

Info

If you don’t have a backup, a temporary backup datadir may be provided alongside a release.

3. Ensure the Latest Golang Version

Check your golang version. The release notes will specify which version it should be.

go version

If you need to upgrade, use this guide.

Alternatively, if you use g, you can just run

sudo apt-get update
g install <version number>

4. Rebuild or Upgrade Your Binary

Source

Navigate into pocket-core directory

cd ~/go/src/github.com/pokt-network/pocket-core

Checkout the latest release

git pull
git checkout tags/<release tag>

Rebuild the binary

go build -o $GOPATH/bin/pocket ./app/cmd/pocket_core/main.go

Homebrew

Pull the latest tap

brew upgrade pokt-network/pocket-core/pocket

Docker

Pull the latest container image

docker pull poktnetwork/pocket-core:RC-0.8.2
docker pull poktnetwork/pocket:RC-0.8.2

5. Upgrade Your config.json

Run the update-configs command, which creates a new config file (DATADIR/config/config.json) and backs up the old config file (DATADIR/config/config.json.bk).

pocket util update-configs

You’ll need to manually compare your backup file with the new file to copy over your personal config details.

6. Start Pocket

Start pocket running again.

pocket start

Earn Trophies, Join the DAO

You can earn a vote in the DAO and help shape the future of Pocket Network, including deciding which ecosystem tooling our treasury supports and how we configure important on-chain parameters such as node revenue.

Once you’ve staked your node successfully, join our Discord and report this in the πŸ†trophies channel.

This is your first trophy on the path to earning a vote in the DAO. Learn more on the Node Runners page.

Custodial and non-custodial staking

New in version 0.8.0

Pocket has added the ability for node runners to set up their nodes to run with “non-custodial” staking. This means that the Pocket address that is associated with staking and running the node is not the recipient of the funds once the node is unstaked.

This feature is currently inactive, and will be set to be active at a later date.

Node runners who staked their nodes prior to this activation date will have one opportunity to decide if they want their nodes to have custodial staking or non-custodial staking. After this point, if they wish to switch between the two options, they will need to unstake/restake their node.

Custodial staking

Custodial staking is the process of having the operator of the node be the recipient of the rewards of that node. This is true regardless of whether the node is a servicer or a validator.

In this scenario, only one Pocket account is needed to run a node. This account handles all aspects of node maintenance such as staking, editing the stake, unjailing, and unstaking.

Prior to version 0.8.0, this was the only option that node runners had.

Non-custodial staking

Non-custodial staking is the process of having the operator of the node be a different account from the account that receives the rewards.

In this scenario, there are two Pocket accounts necessary to the staking of a node. One account, the operator account, performs the staking, and can perform any and all node maintenance. The other account, known as the “output” account, is designated to receive the rewards that are unlocked when a node is unstaked. The output account can also initiate the staking.

In addition, this output account has much the same authority over the node as the operator account. The output account can also run node transactions (stake, unstake, unjail, etc.).

Benefits of non-custodial staking

An operator address must reside in a “hot” wallet on the node. This could potentially represent a security risk when the server is operated by a third-party. As third-party node hosting is common, there has arisen a need to have the recipient wallet for rewards not be on the same server as the node.

Non-custodial staking allows for this. All you need to specify is the wallet (“output”) address, which is denoted when staking the node. The wallet can reside off the server.

Another benefit to non-custodial staking is the ability to pool rewards into a single account. Since each node has to have a distinct operator account, this would previously have resulted in rewards being split across multiple wallets, which is inconvenient for a node runner with many nodes.

Commands

The command for staking a node was updated for version 0.8.0 and includes extra parameters. Note that before non-custodial staking becomes active, the custodial command is the only one that will be successful.

Custodial staking:

pocket nodes stake custodial <fromAddr> <amount> <relayChainIDs> <serviceURI> <networkID> <fee> <isBefore8.0>

Non-custodial staking:

pocket nodes stake non-custodial <operatorPublicKey> <outputAddress> <amount> <RelayChainIDs> <serviceURI> <networkID> <fee> <isBefore8.0>

Some notes on these commands:

  • The parameter custodial or non-custodial sets this permanently on your node. You can’t change this later unless you unstake.

  • The flag <isBefore8.0> is boolean. It exists as a transitional variable to denote whether or not the non-custodial activation has occurred. Before activation, you need to set this to true. After activation, you will need to set this to false. Failure to set this correctly will result in the transaction being rejected, with a delay of upwards of one block time to see this rejection.

  • Be aware that the non-custodial command takes the <operatorPublicKey> as the argument, not the operator address (<fromAddr>) like in the custodial command. The reason why the public key is used and not the address is for the situation where the owner of the output address is doing the staking, but does not also have ownership of the operator account. In this case, they may only have the public key for that account.

  • The non-custodial command adds <outputAddress> as the recipient of the staking rewards.

For more information on the full usage of these commands, please see the Pocket Core docs.

Important for existing nodes

If you have a node that was staked prior to the activation of non-custodial staking, you have only one opportunity to switch to non-custodial staking.

Any pocket node command successfully issued (for example, to adjust the stake) will “lock” the node into custodial, unless a non-custodial command is issued with a valid output address. Following this, the only way to switch between custodial and non-custodial is to unstake/restake the node (and recall that there is a 21 day unstake period).

Important for all nodes

Be very careful entering the output address. You cannot change the output address after it is set. If you accidentally mistype the output address, your funds and your stake will be sent to that address and will be lost forever.

If you wish to change your output address, you can first unstake the node, and the rewards will be sent to that address. Then you can restake the node with a new output address.

More information

Seeds

Seed nodes enable newly configured nodes to find peers on the network and store them in their local address book.

Mainnet

  1. 03b74fa3c68356bb40d58ecc10129479b159a145@seed1.mainnet.pokt.network:20656
  2. 64c91701ea98440bc3674fdb9a99311461cdfd6f@seed2.mainnet.pokt.network:21656
  3. 0057ee693f3ce332c4ffcb499ede024c586ae37b@seed3.mainnet.pokt.network:22856
  4. 9fd99b89947c6af57cd0269ad01ecb99960177cd@seed4.mainnet.pokt.network:23856
  5. f2a4d0ec9d50ea61db18452d191687c899c3ca42@seed5.mainnet.pokt.network:24856
  6. f2a9705924e8d0e11fed60484da2c3d22f7daba8@seed6.mainnet.pokt.network:25856
  7. 582177fd65dd03806eeaa2e21c9049e653672c7e@seed7.mainnet.pokt.network:26856
  8. 2ea0b13ab823986cfb44292add51ce8677b899ad@seed8.mainnet.pokt.network:27856
  9. a5f4a4cd88db9fd5def1574a0bffef3c6f354a76@seed9.mainnet.pokt.network:28856
  10. d4039bd71d48def9f9f61f670c098b8956e52a08@seed10.mainnet.pokt.network:29856
  11. 5c133f07ed296bb9e21e3e42d5f26e0f7d2b2832@poktseed100.chainflow.io:26656
  12. 361b1936d3fbe516628ebd6a503920fc4fc0f6a7@seed.pokt.rivet.cloud:26656
pocket start --seeds="03b74fa3c68356bb40d58ecc10129479b159a145@seed1.mainnet.pokt.network:20656,64c91701ea98440bc3674fdb9a99311461cdfd6f@seed2.mainnet.pokt.network:21656,0057ee693f3ce332c4ffcb499ede024c586ae37b@seed3.mainnet.pokt.network:22856,9fd99b89947c6af57cd0269ad01ecb99960177cd@seed4.mainnet.pokt.network:23856,f2a4d0ec9d50ea61db18452d191687c899c3ca42@seed5.mainnet.pokt.network:24856,f2a9705924e8d0e11fed60484da2c3d22f7daba8@seed6.mainnet.pokt.network:25856,582177fd65dd03806eeaa2e21c9049e653672c7e@seed7.mainnet.pokt.network:26856,2ea0b13ab823986cfb44292add51ce8677b899ad@seed8.mainnet.pokt.network:27856,a5f4a4cd88db9fd5def1574a0bffef3c6f354a76@seed9.mainnet.pokt.network:28856,d4039bd71d48def9f9f61f670c098b8956e52a08@seed10.mainnet.pokt.network:29856,5c133f07ed296bb9e21e3e42d5f26e0f7d2b2832@poktseed100.chainflow.io:26656,361b1936d3fbe516628ebd6a503920fc4fc0f6a7@seed.pokt.rivet.cloud:26656" --mainnet

Testnet

  1. 3487f08b9e915f347eb4372b406326ffbf13d82c@testnet-seed-1.nodes.pokt.network:4301
  2. 27f4295d1407d9512a25d7f2ea91d1a415660c16@testnet-seed-2.nodes.pokt.network:4302
  3. 0beb1a93fe9ce2a3b058b98614f1ed0f5ad664d5@testnet-seed-3.nodes.pokt.network:4303
  4. 8fd656162dbbe0402f3cef111d3ad8d2723eef8e@testnet-seed-4.nodes.pokt.network:4304
  5. 80100476b67fea2e94c6b2f72e40cf8f6062ed21@testnet-seed-5.nodes.pokt.network:4305
  6. 370edf0882e094e83d4087d5f8801bbf24f5d931@testnet-seed-6.nodes.pokt.network:4306
  7. 57aff5a049846d14e2dcc06fdcc241d7ebe6a3eb@testnet-seed-7.nodes.pokt.network:4307
  8. 545fb484643cf2efbcf01ee2b7bc793ef275cd84@testnet-seed-8.nodes.pokt.network:4308
pocket start --seeds="3487f08b9e915f347eb4372b406326ffbf13d82c@testnet-seed-1.nodes.pokt.network:4301,27f4295d1407d9512a25d7f2ea91d1a415660c16@testnet-seed-2.nodes.pokt.network:4302,0beb1a93fe9ce2a3b058b98614f1ed0f5ad664d5@testnet-seed-3.nodes.pokt.network:4303,8fd656162dbbe0402f3cef111d3ad8d2723eef8e@testnet-seed-4.nodes.pokt.network:4304,80100476b67fea2e94c6b2f72e40cf8f6062ed21@testnet-seed-5.nodes.pokt.network:4305,370edf0882e094e83d4087d5f8801bbf24f5d931@testnet-seed-6.nodes.pokt.network:4306,57aff5a049846d14e2dcc06fdcc241d7ebe6a3eb@testnet-seed-7.nodes.pokt.network:4307,545fb484643cf2efbcf01ee2b7bc793ef275cd84@testnet-seed-8.nodes.pokt.network:4308" --testnet

Node Tutorials

This section contains tutorials for various actions a typical node user may wish to undertake.

The following tutorial, Zero To Node, wlil show you a step-by-step way to set up a Pocket Node on hosted hardware.

Zero To Node

Welcome to Zero To Node! This is a step-by-step guide for setting up a Pocket node. While there are many different ways to set up a node, the focus of this tutorial is on keeping things simple and with the minimum of steps, while still focusing on security and stability.

This guide is broken down into five parts:

Background

The main utility of a Pocket node is to relay transactions to other blockchains. So, Pocket nodes need access to other nodes for the blockchains they’ll be relaying to. However, the focus of this guide is just on setting up a Pocket node that will relay to the Pocket network, essentially, through itself. Setting up nodes for other blockchains such as Harmony, Ethereum, or any of the other supported blockchains is beyond the scope of this guide.

After completing the steps outlined here, you’ll have a fully functional Pocket node up and running. If you choose, you can also opt to stake your node and earn rewards. We’ll cover that here, but staking is not required unless you want to earn rewards.

Who is this guide for?

This guide is for anyone interested in running Pocket nodes. While the goal is to keep things simple, the assumption is that you have some general blockchain and computer networking knowledge, and some Linux terminal experience.

What you’ll need

In order to complete this guide, you’ll need:

  1. A server connected to the internet
  2. A domain name
  3. The ability to add DNS records for your domain
  4. 15,100 POKT (if you want to stake your node)
  5. About 2-4 hours to complete and test everything

Part 1 – Server setup

This section will help you set up and configure a server to prepare it for being a Pocket node.

Setup a server

The first thing you’ll need to run a Pocket node is a server. For this guide, we’ll be using a virtual machine on the Linode cloud service. But, you could use any cloud service you like.

Info

Pocket has no affiliation with Linode and does not recommend any one provider over another. The general steps outlined here should work for most cloud providers.

Let’s start by creating a Linode instance (a virtual machine).

Creating a Linode instance

To create a Linode instance, do the following:

  1. Get a Linode account and login.
  2. Create a new Linode with the following specifications:
    • Image / Distribution: Ubuntu 20.04 LTS
    • Region: Atlanta, GA
    • Linode Plan: Dedicated 16 GB - 8 CPU, 320 GB Storage, 16 GB RAM
    • Linode Label: pokt001
  3. Wait for the Linode to be created and show up as running in the web interface.
Info

For a more detailed guide on setting up a Linode instance, see the Linode docs. Also, note that the Atlanta, GA region was selected for this guide because it supports NVMe storage which is preferable for running nodes. Check to see which other regions support NVMe storage.

Configure DNS

Now that the Linode instance is created and running, you’ll need to set up a DNS record that points to the IP address of the Linode instance.

Pocket nodes require a DNS name. DNS (Domain Name Service) names are used to map an IP address to more human-friendly names. So rather than referencing a server with an address like 134.23.153.21 we can use a name like pokt001.pokt.run.

Info

Most domain registrars allow you to add DNS records. Please refer to the DNS setup documentation for your provider.

Specifically, you’ll need to add an A record for the domain name. For the exact steps, consult the DNS documentation for your provider. Then create a record with the following information:

  • Name: pokt001
  • Type: A
  • Value: {Linode_IP_Address}
  • TTL: 300

After setting up your DNS record, wait a few minutes for the DNS to propagate. Then use the following command to check that the DNS record is working:

Info

The examples in this tutorial will use pokt001 as the server on the pokt.run domain, so pokt001.pokt.run will be used as the DNS name. Please replace this throughout with your own server and domain name.

ping -c 3 pokt001.pokt.run

You should see a response that looks something like this:

64 bytes from 134.23.153.21: icmp_seq=0 ttl=47 time=92.403 ms
64 bytes from 134.23.153.21: icmp_seq=1 ttl=47 time=142.828 ms
64 bytes from 134.23.153.21: icmp_seq=2 ttl=47 time=182.456 ms

If the IP address matches the IP address of your Linode instance, you’re all set!

Info

It can sometimes take longer than a minute for the DNS to propagate. So, be patient if things don’t seem to work right away.

Login with SSH

Now that we have a DNS record setup, we will look at using SSH to log in and continue the setup process.

The Secure Shell Protocol (SSH) is a secure way to connect to your Linode instance from a remote machine, like your local computer. We’ll be using SSH to complete the remainder of the setup process.

SSH from Mac or Linux

If you’re using a Mac, or Linux, on your local computer, you can SSH into your node by doing the following:

  • Open a terminal

  • SSH into your node using the following command:

    ssh root@pokt001.pokt.run
    
Info

Don’t forget to replace pokt001.pokt.run with your DNS name.

You’ll be prompted for your password. This is the root password that you set when you created your Linode.

SSH from Windows

Windows 10 and later have a built-in SSH client. You can use SSH on Windows by doing the following:

  • Open the Windows terminal

  • SSH into your node using the following command:

    ssh root@pokt001.pokt.run
    
Info

Don’t forget to replace pokt001.pokt.run with your DNS name.

If you’re using an older version of Windows, you might need to install PuTTY or some other SSH client.

Set the hostname

At this point you should be logged into your node as the root user.

In a previous step, we set the DNS name for the node. Now we’ll use the same name for the hostname on the server.

To set the server hostname use the following steps:

  1. Open the /etc/hostname file with the following command:

    nano /etc/hostname
    
  2. Change the localhost value to the fully qualified hostname of your node (for example, pokt001.pokt.run).

  3. Save the file with Ctrl+O and then Enter.

  4. Exit nano with Ctrl+X.

  5. Reboot the server with the following command:

    reboot
    
  6. Wait for the server to reboot then ssh back in as the root user before continuing on.

Create a user

For security reasons it’s best not to use the root user. Instead, it’s better to create a new user and add the user to the sudo group.

Also, by default, the Pocket CLI will place the data directory for the node in the user’s home directory. So, when you create a new user, you’ll want to make sure the home directory is on a volume that has plenty of room for the data directory.

Warning

At the time of writing, Pocket requires approximately 200GB of disk space for its blockchain data. The following user setup steps assumes that the location of your user’s home directory is on a volume with enough room for the pocket data.

Creating a new user

To create a new user and home directory, enter the following commands:

  1. Create a new user named pocket, add it to the sudo group, and set the default shell to bash. If you want to specify the location of the home directory, you can use the -d option followed by the path to the home directory:

    useradd -m -g sudo -s /bin/bash pocket && passwd pocket
    
  2. For the rest of this guide, we’ll be using the pocket user. So now that the pocket user is created, you can switch from using root to the pocket user with the following command:

    su - pocket
    

Configure SSH Key Login (Optional):

While not required, using an SSH key provides a more secure means of accessing your server.

Using an SSH key removes the ability for credentials to be sniffed in the login process, and removes the pitfalls that can often come with user generated passwords since the key will truly be random.

One important thing to understand, is that without access to the ssh key, you won’t be able to log into your node. If you intend on accessing your node from multiple computers, it’s recommended that you repeat the Generate Key and Upload Key steps from each computer that you intend to access your node from before moving on to the Disable Root Login and Password Authentication step.

  1. Log Out

    At the terminal you’ll need to enter the logout command twice. The first logout logs you out of the pocket user, back to the root user, and the second logout logs you out of the server and back to your terminal.

  2. Generate Key

    Next, we’ll generate an ssh key. To do that you’ll run the ssh-keygen command. You’ll be prompted to specify the file you want to save the key to, and for a password. Specifying a password means that if someone has access to your key, they’d still need to know the password to be able to use it to login. To create the key, do the following:

    • Run the ssh-keygen command

      ssh-keygen -t rsa -b 4096
      
    • Enter file in which to save the key (~/.ssh/id_rsa)

    • Enter a passphrase (empty for no passphrase)

    • Enter same passphrase again

    The results should looking something like the following:

    The key fingerprint is:
    SHA256:jr2MLXIha188wYsp/bNflN9BuqQ3LWCAXJNTtHO7sWk
    The key's randomart image is:
    +---[RSA 4096]----+
    |         o+o     |
    |      . oo. .    |
    |       o ..o . . |
    |       .  . o.+  |
    |        S  oo= . |
    |    ...B o..+.B..|
    |    .o=.B  ..E...|
    |    +.o*.o .o o  |
    |   . +o.*+.      |
    +----[SHA256]-----+
    
  3. Upload Key

    Now we’re going to upload the key so that we can use it to log into the pocket user. If you choose a different path for the ssh key, it’s important to replace the ~/.ssh/id_rsa with the key you used.

    ssh-copy-id -i ~/.ssh/id_rsa pocket@pokt001.pokt.run
    
  4. Disable Root Login and Password Authentication

    Now we’re now going to configure ssh to no longer allow root logins, and to not allow any password based login attempts. Meaning without access to the ssh key for the pocket user, no one will be able to log into the server.

    First we’ll need to log back into the server:

    ssh pocket@pokt001.pokt.run
    

    From there, we’ll want to open the /etc/ssh/sshd_config file to make some changes to the default configuration:

    sudo nano /etc/ssh/sshd_config
    

    Once there, we’ll need to find and change the following lines:

    • #PermitRootLogin prohibit-password -> PermitRootLogin no
    • #PubkeyAuthentication yes -> PubkeyAuthentication yes
    • #PasswordAuthentication yes -> PasswordAuthentication no

    Once changed, Ctrl-O followed by Enter will save the changes, and Ctrl-X will exit nano back to the terminal.

    Then we’ll need to restart the ssh server for these changes to take effect:

    sudo systemctl restart sshd.service
    
  5. Verify Everything Works

    The last step is to log out of the server, and try logging back in. If you’re no longer prompted for a password, then everything is working as expected.

That’s it for the server setup! Continue on to install the necessary software.

Part 2 – Software installation

This section will help you install all the necessary software for your node.

Install dependencies

Now let’s move on to the Pocket CLI installation.

At this point you should be logged in via SSH as the pocket user that we set up in a previous step. Before we install the Pocket software, we need to update the existing system packages and add a few dependencies.

Updating system packages

  1. Update the repository index with the following command:
    sudo apt update
    
  2. Update the distribution with the following command:
    sudo apt dist-upgrade -y
    

After the update completes, we’re ready to install the dependencies.

Installing dependencies

There are a handful of dependencies but installing them won’t take long. Also, some might already be installed. So if one of the dependencies exists, you can just move on to the next one.

git

sudo apt-get install git -y

build tools

sudo apt-get install build-essential -y

curl

sudo apt-get install curl -y

file

sudo apt-get install file -y

nginx

sudo apt install nginx -y

certbot

sudo apt install certbot -y

python3-certbot-nginx

sudo apt-get install python3-certbot-nginx -y

jq

sudo apt install jq -y

Install Go

After installing the dependencies, there is one more dependency we’ll need to add, and that’s Go. Go (sometimes known as “Golang”) is the programming language that the Pocket software was written in.

We could install Go using apt, but we want to get the latest stable version which probably isn’t available by default in the apt repository. So, we’ll use the steps below to install Go.

  1. Make sure you’re in the pocket home directory.
    cd ~
    
  2. Find the latest version of Go from https://golang.org/dl/ then download it with the following command. (Make sure to change the link below to point to the correct version of Go.)
    wget https://dl.google.com/go/go1.17.7.linux-amd64.tar.gz
    
  3. Extract the archive:
    sudo tar -xvf go1.17.7.linux-amd64.tar.gz
    
  4. Set permissions on the extracted files:
    sudo chown -R pocket ./go
    
  5. Add Go to the PATH:
    echo 'export PATH=$PATH:$HOME/go/bin' >> ~/.profile
    
  6. Set the GOPATH and GOBIN environment variables:
    echo 'export GOPATH=$HOME/go' >> ~/.profile
    
    echo 'export GOBIN=$HOME/go/bin' >> ~/.profile
    
  7. Reload your .profile:
    source ~/.profile
    
  8. Verify the installation:
    go version
    
    You should see something like this:
    go version go1.17.7 linux/amd64
    
    Make sure the version number matches the version you downloaded. If the go version command doesn’t work, try logging out and logging back in.
  9. Verify the GOPATH and GOBIN variables are set correctly:
    go env
    
    You should see the GOPATH and GOBIN variables set correctly.

Install Pocket

After you can verify that you have the latest stable version of Go, we’re ready to install the Pocket software.

We’ll be downloading Pocket Core from GitHub and then compiling it with Go to get it fully installed.

To download and install Pocket Core, do the following:

  1. Create a project directory:
    sudo mkdir -p $GOPATH/src/github.com/pokt-network
    
  2. Change to the project directory:
    cd $GOPATH/src/github.com/pokt-network
    
  3. Clone the Pocket Core repository:
    sudo git clone https://github.com/pokt-network/pocket-core.git
    
  4. Change to the code directory:
    cd pocket-core
    
  5. Checkout the latest version. You can find the latest tag by going to https://github.com/pokt-network/pocket-core/tags.
    sudo git checkout tags/RC-0.8.2
    
  6. Build project code:
    go build -o $GOPATH/bin/pocket $GOPATH/src/github.com/pokt-network/pocket-core/app/cmd/pocket_core/main.go
    
  7. Test that the build succeeded:
    pocket version
    

That’s it for the software installation. Now let’s move on to the Pocket core configuration.

Part 3 – Pocket configuration

This section will help you configure your instance of Pocket.

Create a Pocket wallet account

Pocket nodes are associated with a Pocket wallet account. This is the account that will be used to send and receive transactions from the node. You can either create a new account using the Pocket CLI we just installed, or you can use an existing account. For this guide, we’ll be creating a new account.

Creating an account

To create an account, run the following command:

pocket accounts create

You’ll be prompted to set a passphrase for the account. You can use any passphrase you like but for security reasons, it’s best to use a passphrase that is at least 12 characters long, preferably longer.

Listing accounts

After you’ve created the account you can use the pocket accounts list command to confirm that the account was added successfully.

pocket accounts list

Setting the validator address

Next, to set the account as the one the node will use, run the following command:

pocket accounts set-validator {YourAccountAddress}

Confirm the validator address

Finally, you can confirm that the validator address was set correctly by running the following command:

 pocket accounts get-validator

Create config.json

The Pocket core software uses a config file to store configuration details. By default the config file is located at ~/.pocket/config/config.json. In this step we’ll look at how to create a new config file.

To create a new config file:

  1. Run the following command, which will create the default config.json file, add the seeds, set port 8081 to 8082, and increase the RPC timeout value:

    echo $(pocket util print-configs) | jq '.tendermint_config.P2P.Seeds = "03b74fa3c68356bb40d58ecc10129479b159a145@seed1.mainnet.pokt.network:20656,64c91701ea98440bc3674fdb9a99311461cdfd6f@seed2.mainnet.pokt.network:21656,0057ee693f3ce332c4ffcb499ede024c586ae37b@seed3.mainnet.pokt.network:22856,9fd99b89947c6af57cd0269ad01ecb99960177cd@seed4.mainnet.pokt.network:23856,1243026603e9073507a3157bc4de99da74a078fc@seed5.mainnet.pokt.network:24856,6282b55feaff460bb35820363f1eb26237cf5ac3@seed6.mainnet.pokt.network:25856,3640ee055889befbc912dd7d3ed27d6791139395@seed7.mainnet.pokt.network:26856,1951cded4489bf51af56f3dbdd6df55c1a952b1a@seed8.mainnet.pokt.network:27856,a5f4a4cd88db9fd5def1574a0bffef3c6f354a76@seed9.mainnet.pokt.network:28856,d4039bd71d48def9f9f61f670c098b8956e52a08@seed10.mainnet.pokt.network:29856,5c133f07ed296bb9e21e3e42d5f26e0f7d2b2832@poktseed100.chainflow.io:26656"' | jq '.pocket_config.rpc_timeout = 15000' | jq '.pocket_config.rpc_port = "8082"' | jq '.pocket_config.remote_cli_url = "http://localhost:8082"' | jq . > ~/.pocket/config/config.json
    
    Warning
    This is a long command! Make sure you've copied it completely.
    
  2. Verify the config.json file setting by viewing the contents of the file:

    cat ~/.pocket/config/config.json
    

Create chains.json

Pocket nodes relay transactions to other blockchains. So, you’ll need to configure the chains your node can relay to. For this guide, we’ll just be setting up our node to relay to the Pocket mainnet blockchain, essentially through itself.

To maximize your rewards, you’ll want to relay to other chains. We’ll cover that in more detail later but here is a list of other blockchains you could relay to.

Generating a chains.json file with the CLI

You can use the Pocket CLI to generate a chains.json file for your node by running the following command:

pocket util generate-chains

This will prompt you for the following information:

  • Enter the ID of the Pocket network identifier:
    0001
    
  • Enter the URL of the network identifier. Use http://127.0.0.1:8081/ if you’re not running a validator node:
    http://127.0.0.1:8082/
    

When you’re prompted to add another chain, enter n for now.

Info

By default the chains.json file will be created in ~/.pocket/config. You can use the --datadir flag to create the chains.json file in an alternate location. For example: pocket util generate-chains --datadir "/mnt/data/.pocket".

Create genesis.json

Now that we have a chains.json file set up, so we can move on to test our node.

When you start a Pocket node for the first time, it will need to find other nodes (peers) to connect with. To do that we use a file named genesis.json with details about peers the node should connect to get on the network.

To create a JSON file with the genesis information:

  1. Change to the .pocket/config directory:
    cd ~/.pocket/config
    
  2. Use the following command to get the genesis.json file from GitHub:
    wget https://raw.githubusercontent.com/pokt-network/pocket-network-genesis/master/mainnet/genesis.json genesis.json
    

Set open file limits

Ubuntu and other UNIX-like systems have a ulimit shell command that’s used to set resource limits for users. One of the limits that can be set is the number of open files a user is allowed to have. Pocket nodes will have a lot of files open at times, so we’ll want to increase the default ulimit for the pocket user account.

Increasing the ulimit

  1. Before increasing the ulimit, you can check the current ulimit with the following command:
    ulimit -n
    
  2. Increase the ulimit to 16384. The -Sn option is for setting the soft limit on the number of open files:
    ulimit -Sn 16384
    
  3. Check the new ulimit to confirm that it was set correctly. The -n option is for getting the limit for just the number of open files:
    ulimit -n
    

Permanent settings

Using the above method for setting the ulimit only keeps the change in effect for the current session. To permanently set the ulimit, you can do the following:

  1. Open the /etc/security/limits.conf file.
    sudo nano /etc/security/limits.conf
    
  2. Add the following line to the bottom of the file:
    pocket           soft    nofile          16384
    
  3. Save the file with Ctrl+O and then Enter.
  4. Exit nano with Ctrl+X.

After permanently setting the ulimit, the next thing we’ll do is download a snapshot of the Pocket blockchain.

Download snapshot

Rather than synchronizing your Pocket node from block zero (which could take weeks), you can use a snapshot. A snapshot of the Pocket blockchain is taken every 12 hours and can be downloaded using the instructions on the Pocket Snapshots Repository README page.

Info

As of this writing, the snapshots are refreshed every 12 hours. In the GitHub repo you can look at when the README.md file was last updated to determine when the last snapshot was taken. It’s best to download the snapshot that is less than a few hours old.

Here are the steps for download the snapshot using the wget command:

  1. Change into the .pocket directory.
    cd ~/.pocket
    
  2. Make a directory named data and change into it.
    mkdir data && cd data
    
  3. Download the latest snapshot using the following command:
    wget -qO- https://snapshot.nodes.pokt.network/latest.tar.gz | tar xvfz -
    
  4. Make the pocket user the owner of the data directory.
    sudo chown -R pocket ~/.pocket/data
    
Warning

This process can take a few hours depending on your internet connection.

Configure systemd

Next, we’ll configure the Pocket service using systemd, a Linux service manager. This will enable the Pocket node to run and restart even when we’re not logged in.

Creating a systemd service in Linux

To setup a systemd service for Pocket, do the following:

  1. Open nano and create a new file called pocket.service:

    sudo nano /etc/systemd/system/pocket.service
    
  2. Add the following lines to the file:

    [Unit]
    Description=Pocket service
    After=network.target
    Wants=network-online.target systemd-networkd-wait-online.service
    
    [Service]
    User=pocket
    Group=sudo
    ExecStart=/home/pocket/go/bin/pocket start
    ExecStop=/home/pocket/go/bin/pocket stop
    
    [Install]
    WantedBy=default.target
    
  3. Make sure the User is set to the user that will run the Pocket service.

  4. Make sure the ExecStart and ExecStop paths are set to the path for the Pocket binary.

  5. Save the file with Ctrl+O and then return.

  6. Exit nano with Ctrl+X.

  7. Reload the service files to include the pocket service:

    sudo systemctl daemon-reload
    
  8. Start the pocket service:

    sudo systemctl start pocket.service
    
  9. Verify the service is running:

    sudo systemctl status pocket.service
    
  10. Stop the pocket service:

    sudo systemctl stop pocket.service
    
  11. Verify the service is stopped:

    sudo systemctl status pocket.service
    
  12. Set the service to start on boot:

    sudo systemctl enable pocket.service
    
  13. Verify the service is set to start on boot:

    sudo systemctl list-unit-files --type=service
    
  14. Start the pocket service:

    sudo systemctl start pocket.service
    

Other systemctl commands

  • To restart the service:

    sudo systemctl restart pocket.service
    
  • To prevent the service from starting on boot:

    sudo systemctl disable pocket.service
    
  • To see mounted volumes:

    sudo systemctl list-units --type=mount
    
    Info
    If your pocket data is on a separate partition, you can use the following command in the `pocket.service` file to mount it before the pocket service starts.
        ```
        After=network.target mnt-data.mount
        ```
    

    This ensures that the network is up and the volume is mounted before the pocket service starts.

Viewing the logs

To view the logs for the pocket service:

sudo journalctl -u pocket.service

To view just the last 100 lines of the logs (equivalent to the tail -f command):

sudo journalctl -u pocket.service -n 100 --no-pager

Finding Errors

You can use grep to find errors in the logs.

sudo journalctl -u pocket.service | grep -i error

Alright, we’re just about done. We just need to setup an HTTP proxy and we’ll be ready to go live. We’ll setup the proxy next.

Part 4 – Proxy configuration

This section will help you set up the proxy setting on your node.

Setup SSL

Pocket requires that nodes have an SSL certificate for secure communications. SSL (Secure Sockets Layer) is a layer of security that sits on top of TCP/IP. It’s used to encrypt the data sent between a client and a server. To use SSL, you need to have a certificate and a key. Thankfully, getting an SSL certificate is straightforward and free.

To get a certificate, we’ll be using Let’s Encrypt which is a service that issues SSL certificates for free. We’ll also be using software called certbot to register, install, and renew the certificate.

Registering an SSL certificate

We installed certbot in a previous step so we just need to use it to request a certificate.

To get a certificate, we’ll need to use the certbot command with the following options:

  • --register-unsafely-without-email: This option is required to get a certificate without an email address.
  • --agree-tos: This option is required to agree to the Let’s Encrypt Terms of Service.
  • --nginx: This option is required to use the nginx plugin.
  • --no-redirect: This option is required to disable the redirect to the Let’s Encrypt website.
  • --domain: This option is required to specify the domain name.

Here’s an example of how to request a certificate. Just replace $HOSTNAME with the DNS name of your node:

sudo certbot --nginx --domain $HOSTNAME --register-unsafely-without-email --no-redirect --agree-tos

The output from this command should confirm that the certificate was successfully registered.

Testing your certificate

To be sure, you’ll also want to test that the certificate is working.

There is a command that certbot provides to test your certificate. It’s used for testing the auto-renewal of the certificate but it also confirms that the certificate is working. You can run it using the following command:

sudo certbot renew --dry-run

The resulting output should confirm that the certificate is working.

Configure Nginx

Nginx is a web server. We installed it in aprevious step but we need to do some additional configuration.

Nginx uses config files to define servers and routes for incoming requests. For Pocket nodes, nginx needs to relay public requests to a local HTTP server that pocket core is running. This is referred to as the proxy. We’ll also need to proxy requests made by the Pocket CLI. For example, when we run the command pocket query height, the CLI makes an http request to the node’s local HTTP server.

Config files

The nginx configuration files we’re interested in are located in the /etc/nginx/sites-available/ directory. In that directory there is a default configuration file named default. This is the configuration that is created when you install nginx, but we’ll be creating our own for our node.

To configure nginx:

  1. Confirm the name of your SSL certificate:
    sudo ls /etc/letsencrypt/live/
    
  2. Create a new config file with nano:
    sudo nano /etc/nginx/sites-available/pocket
    
  3. Add the following code but change the hostname values (pokt001.pokt.run) to your node’s DNS hostname:
    server {
        listen 80 default_server;
        listen [::]:80 default_server;
    
        root /var/www/html;
    
        index index.html index.htm index.nginx-debian.html;
    
        server_name _;
    
        location / {
            try_files $uri $uri/ =404;
        }
    }
    
    server {
        add_header Access-Control-Allow-Origin "*";
        listen 80 ;
        listen [::]:80 ;
        listen 8081 ssl;
        listen [::]:8081 ssl;
    
        root /var/www/html;
    
        index index.html index.htm index.nginx-debian.html;
    
        server_name pokt001.pokt.run;
    
        location / {
            try_files $uri $uri/ =404;
        }
    
        listen [::]:443 ssl ipv6only=on;
        listen 443 ssl;
    
        ssl_certificate /etc/letsencrypt/live/pokt001.pokt.run/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/pokt001.pokt.run/privkey.pem;
    
        include /etc/letsencrypt/options-ssl-nginx.conf;
        ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
    
        access_log /var/log/nginx/reverse-access.log;
        error_log /var/log/nginx/reverse-error.log;
    
        location ~* ^/v1/client/(dispatch|relay|challenge|sim) {
            proxy_pass http://127.0.0.1:8082;
            add_header Access-Control-Allow-Methods "POST, OPTIONS";
            allow all;
        }
    
        location = /v1 {
            add_header Access-Control-Allow-Methods "GET";
            proxy_pass http://127.0.0.1:8082;
            allow all;
        }
    }
    
  4. Save the change with Ctrl+O.
  5. Exit nano with Ctrl+X.
  6. Stop nginx with:
    sudo systemctl stop nginx
    
  7. Disable the default configuration:
    sudo rm /etc/nginx/sites-enabled/default
    
  8. Enable our new configuration:
    sudo ln -s /etc/nginx/sites-available/pocket /etc/nginx/sites-enabled/pocket
    
  9. Start nginx:
    sudo systemctl start nginx
    

Enable UFW

We’re almost done, but before we finish we’ll make our server more secure by setting firewall rules to limit network exposure. The Uncomplicated Firewall (UFW) is a security tool that makes configuring the firewall reasonably simple. We’ll use it to disable unnecessary ports.

Ports you need to open

For running a Pocket node, you’ll need to open the following ports:

  • 22: SSH
  • 80: HTTP
  • 443: HTTPS
  • 8081: For the Pocket HTTP API
  • 26656: For the Pocket RPC API

Use UFW to disable unnecessary ports

To use UFW to configure the firewall:

  1. Enable UFW. When prompted, press y to confirm:

    sudo ufw enable
    
  2. Set the default to deny all incoming connections:

    sudo ufw default deny
    
  3. Allow the SSH port:

    sudo ufw allow ssh
    
  4. Allow port 80:

    sudo ufw allow 80
    
  5. Allow port 443:

    sudo ufw allow 443
    
  6. Allow port 8081:

    sudo ufw allow 8081
    
  7. Allow port 26656:

    sudo ufw allow 26656
    

That’s it for the UFW setup. Let’s just check the status to confirm the ports are open. To do that, run the following command:

sudo ufw status

After confirming only the necessary ports are open, you can move on to the final steps.

Part 5 – Going live

This section will details the final steps in going live with your node.

Test everything

At this point your Pocket node should be up and running!

But you’ll want to test it to confirm. The following are some of the things you can do to test your Pocket Node.

Make sure the Pocket process is running

The first thing to check is that the pocket service is running. You can do that by running the following command:

top -b -n 1 | grep pocket

You should see output similar to the following:

  44871 root      20   0 1018268  33948  21448 S   0.0   0.4   0:00.17 pocket

Block height

You’ll want to check that the node is fully synced with the Pocket blockchain. The easiest way is to run the following command:

pocket query height

The result should look something like the following.

{
    "height": 48161
}

Network status

Another way to see if your node is fully synced is to check the status with the following command:

curl http://127.0.0.1:26657/status

The result should look something like the following. Note the highlighted property catching_up which indicates if the node is catching up with the blockchain or fully synced. In the example below, the node is fully synced.

{
  "jsonrpc": "2.0",
  "id": -1,
  "result": {
    "node_info": {
      "protocol_version": {
        "p2p": "7",
        "block": "10",
        "app": "0"
      },
      "id": "80b80c106115259349df8ef06267cff7bbabd194",
      "listen_addr": "tcp://0.0.0.0:26656",
      "network": "mainnet",
      "version": "0.33.7",
      "channels": "4020212223303800",
      "moniker": "localhost",
      "other": {
        "tx_index": "on",
        "rpc_address": "tcp://127.0.0.1:26657"
      }
    },
    "sync_info": {
      "latest_block_hash": "F39BBF5C64D9E02E28DDBB8640F84A22CFAE1727CFBC72537982EF5914E4BB25",
      "latest_app_hash": "6198835747411135C1F812CB45FA5621D5ADB63342EC0678C20879D7D39F03B5",
      "latest_block_height": "50021",
      "latest_block_time": "2022-02-04T12:16:10.77575197Z",
      "earliest_block_hash": "7D551967CB8BBC9F8C0EAE78797D0576951DDA25CE63DF1801C020478C0B02F8",
      "earliest_app_hash": "",
      "earliest_block_height": "1",
      "earliest_block_time": "2020-07-28T15:00:00Z",
      "catching_up": false
    },
    "validator_info": {
      "address": "80B80C106115259349DF8EF06267CFF7BBABD194",
      "pub_key": {
        "type": "tendermint/PubKeyEd25519",
        "value": "ee+o9bKqCbAO13FgWTLmJdi9hhfYg8AHsif5430uz8A="
      },
      "voting_power": "0"
    }
  }
}

Make sure your node is visible to other nodes

You’ll also want to make sure your node is accessible to other nodes.

To test and confirm your node is visible to other nodes on the public network, you’ll make an HTTP request using the public DNS name for the node. You can use the following command to make that request:

curl https://pokt001.pokt.run:8081/v1
Info

As always, don’t forget to change pokt001.pokt.run to the DNS name for your node.

This should return something like the following. This is the version of pocket-core that is running.

"RC-0.8.2"

Staking your node

To earn POKT rewards, you’ll need to stake at least 15,000 POKT. That said, you should stake at least 15,100 POKT or more to be safe. This provides a little extra room in case your node gets slashed (penalized) for some reason.

Warning

Please make sure that you understand the risks associated with staking POKT and running a Pocket node.

If you’re using the Pocket CLI to fund an account, keep in mind that the CLI uses uPOKT (the smallest unit of POKT) for its calculations. The formula for converting POKT to uPOKT is: uPOKT = POKT * 10^6. So, multiplying 15050 POKT by 10^6 (one million) will result in 15050000000 uPOKT.

Also keep in mind that there is a cost for every transaction you send. At the moment, that cost is a flat fee of 0.01 POKT, or 10000 uPOKT, but this may be subject to change.

  1. List your accounts:
    pocket accounts list
    
  2. Confirm the validator account is set:
    pocket accounts get-validator
    
  3. Confirm the validator account has enough POKT. This should be at least 15,101 POKT. You’ll want 15,100 to stake and a bit more for network fees:
    pocket query balance {YourValidatorAddress}
    
  4. Stake your node, making sure to enter the correct details for your setup:
    pocket nodes stake custodial {YourValidatorAddress} 15100000000 {ChainIDs} https://{hostname}:443 mainnet 10000 true
    
Info

The {ChainIDs} placeholder should be a list of relay chain IDs that are defined in your ~/.pocket/config/chains.json file. In this guide we only set up 0001, but if you were relaying to multiple chains, each id would be separated by a comma. For example, 0001,0022,0040.

Info

As of RC-0.8.2 there are two staking methods: custodial and non-custodial. The custodial method is used in the example above.

After you send the stake command, you’ll be prompted for your passphrase, then you should see something like this:

http://localhost:8082/v1/client/rawtx
{
    "logs": null,
    "txhash": "155D46196C69F75F85791C4190D384B8BAFFBBEFCC5D1311130C54A1C54435A7"
}

The actual time it takes to stake will vary depending on when the last block was processed, but generally, it should take less than 15 minutes.

Confirm your node is live

After you’ve staked your node, you can confirm it’s live by running the following command:

pocket query node {YourValidatorAddress}

If you see something like the following, it just means your node is not live yet:

http://localhost:8082/v1/query/node
the http status code was not okay: 400, and the status was: 400 Bad Request, with a response of {"code":400,"message":"validator not found for 07f5084ab5f5246d747fd1154d5d4387ee5a7111"}

If this happens, please wait a few minutes and try again.

Tutorial complete

Congratulations! You’ve successfully set up a Pocket node.

There’s more to running a Pocket node than this, such as maintenance, upgrades, and other administrative tasks, but hopefully this has gotten you started and on the right path. Thank you for doing your part to help decentralize Web3!

Automated Deployments

The following services can help automate your node deployments:

Warning: Use at your own risk. These links are not directly associated with Pocket Network and do not constitute an endorsement, guarantee, warranty, or recommendation by Pocket Network, Inc., Pocket Network Foundation, or the Pocket DAO. Do conduct your own due diligence before deciding to use any third party services.

Node-Hosting Services

If you are interested in staking your POKT in a node but don’t have the time or technical know-how, below you will find a link to the available options to have your node operated by a third-party.

If you don’t have enough POKT for the minimum node stake, you should consult this Overview of Pooling Services.

Warning: Use at your own risk. The appearance of third party descriptions and hyperlinks on the above linked sites does not constitute an endorsement, guarantee, warranty, or recommendation by Pocket Network, Inc., Pocket Network Foundation, or the Pocket DAO. Do conduct your own due diligence before deciding to use any third party services.

Node FAQ

The following pages contains common questions regarding running nodes.

Node Configuration

Does my blockchain node need to be synced before I start my Pocket node?

Yes. Every node on the Pocket Network needs to have the most up to date information of the blockchain they are supporting. If you start joining sessions before your node has caught up to the current block height, you will be returning incorrect data, and if incorrect data is being returned, your node will be slashed.

How many blockchains can one node support?

Your node can support up to the number of chains defined by the MaximumChains parameter. This limit is not definitive and can be changed by the DAO.

Can I add a load balancer address in my chains.json if I have multiple blockchains under one domain?

Yes you can! Just make sure you have the necessary ports open to be able to successfully send relays to the proper network.

How can I add more blockchains to my node?

Add the new RelayChainIDs to your chains.json file, then run the stake command again for your node. Since you’re already staked, running the command “updates” your staking configuration.

Find the RelayChainIDs here.

Can I continue earning POKT while I’m unstaking?

No, for the duration of the unstaking process as determined by the UnstakingTime parameter, your node will not be eligible for sessions.

Do each of my nodes need a unique IP address?

You need a dedicated domain for each node, but the nodes can be on the same machine, behind the same IP address. It would take properly configuring your Reverse Proxy and Firewall/Router, but it can be done.

How do I set my ulimit?

Where to set the ulimit

As a best practice, do not use root to run the pocket process. When you set the ulimit for your instance, it’s important to set it in the user profile that is running the pocket-core instance.

Warning

Make sure that you’re setting the ulimit for the specific account that’s running the pocket process.

Configuring the ulimit system-wide might vary depending on your OS. Here’s a basic tutorial on increasing the open files limit on Linux.

How to calculate the ulimit

To calculate the ulimit, you will have to define a few parameters as shown below:

({ulimit -Sn} >= {MaxNumInboundPeers} + {MaxNumOutboundPeers} + {GRPCMaxOpenConnections} + {MaxOpenConnections} + {Desired Concurrent Pocket RPC connections} + {100 (Constant number of wal, db and other open files)}

Breakdown:

  • ulimit -Sn: = is a soft number of open files that need to be open
  • GRPCMaxOpenConnections = is the number of RPC connections connections your node can relay
  • MaxOpenConnections = max number of connections you want your node to service

You will need to increase your ulimit to the calculated number. To do so, go into your .bashrc in your $HOME dir and enter:

ulimit -Sn 16384

Once you save your file, enter:

source ~/.bashrc

What do I do if my node needs to go down for an extended period, such as during a machine migration?

To opt out of being selected for work, you should deliberately jail your node, which lets the network know you are not ready to receive any relays. Once the machine is back up and running, you can unjail your node again.

Node Troubleshooting

Why is my node not earning POKT?

See the section below on Maximizing your POKT earnings.

How do I check my Pocket node status?

Make sure your node is connected to the network by executing:

curl http://<your node ip>:26657/status

Lookout for latest_block_height and latest_block_time to make sure it’s updated to the current time in UTC.

Example Output:

{
  "jsonrpc": "2.0",
  "id": "",
  "result": {
    "node_info": {
      "protocol_version": {
        "p2p": "7",
        "block": "10",
        "app": "0"
      },
      "id": "4930289621aefbf9252c91c4c729b7f685e44c4b",
      "listen_addr": "tcp://0.0.0.0:26656",
      "network": "pocket-testet-playground",
      "version": "0.32.7",
      "channels": "4020212223303800",
      "moniker": "pocket-core-testnet-55f59f6c8-5njbx",
      "other": {
        "tx_index": "on",
        "rpc_address": "tcp://0.0.0.0:26657"
      }
    },
    "sync_info": {
      "latest_block_hash": "090C3B9C3B9F1BB10C6825D5230A45759E19A9BCC1503B80314F93B69162C712",
      "latest_app_hash": "AB5838AA434FD36B48B759E62C596F4145F4C086B07FB45D2CCFCFFF21F5F937",
      "latest_block_height": "49",
      "latest_block_time": "2020-02-10T23:17:59.161691821Z",
      "catching_up": false
    },
    "validator_info": {
      "address": "4930289621AEFBF9252C91C4C729B7F685E44C4B",
      "pub_key": {
        "type": "tendermint/PubKeyEd25519",
        "value": "9i9322nUSMG1bzVAxjPylNI8za8AK/azdtBYoAtRz6o="
      },
      "voting_power": "1000"
    }
  }
}

I keep getting “too many open files” when my node is syncing? What does this mean?

This means that your ulimit is set too low on your node. Find instructions on how to set your ulimit above.

Why does my node keep crashing?

Your node can crash due to the following reasons:

  1. Having too many open files
  2. Resource limitations

Too Many Open Files

Make sure your ulimit is set correctly on your user profile. Find instructions on how to set your ulimit above.

Resource Limitations

Make sure your node meets the minimum hardware requirements for both a Pocket node and the blockchain nodes you’re servicing. Details are above on this page.

Will my node be slashed for downtime?

There are negligible burns at this stage of the network, determined by the SlashFractionDowntime parameter. As the network matures, the rate will probably be increased to push for better service.

Maximizing your Pocket earnings

So you’ve spun up your Pocket node but you’re not earning as much as you thought you would. On this page, we debunk some common misconceptions and explain how to maximize your earnings.

My node is functional but doesn’t seem to be earning POKT - is it configured incorrectly?

There are a couple of reasons why your node may not be rewarding you with POKT. There are many great community members and Pocket teammates that are eager to help you triage this, but first, ask yourself, β€œis your node configured correctly?”. Don’t assume it is. Use the troubleshooting steps listed above.

The next thing to check is if your node is offline or jailed…or both. Reasons include:

  • Returning incorrect data
  • Missing blocks
  • Being offline
  • serviceURI is not publicly reachable

If you suspect that this may be happening to your node, you can do a historical search on your nodes. We have a great community member who created this script to help you determine how long you were jailed for a specific period of time.

Checking your node status is one of the first steps towards maximizing your POKT earnings.

Conversely, how will I know if my node is working correctly?

Checking the block height is the easiest way to know if you’re synced up to the network. You can simply query your node to get this height and compare it to the latest block displayed on the Explorer.

pocket query height

The above command tells you if your Pocket node is synced up, but you’re probably running at least one other node for the external blockchains (referred to on this page as blockchain data nodes) that you’re serving to apps. You should make sure these are also synced up to their respective networks.

For example, you can check the block height of your Geth Ethereum node by submitting this query to your node, which returns the latest height of geth-mainnet known by the node.

curl --request POST --header 'Content-Type: application/json' --data-raw '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":83}' --user [authentication] [GETH NODE URL]

When will I find out if I have made POKT rewards?

To check if you’re earning rewards, you can simply monitor the balance of your node.

pocket query balance <address>

This way is very manual and you would need to track your balance over time to understand the change in the amounts.

The good news is there are several options for tracking your node rewards such as POKT ROKT, which tracks the last 24 hours of earnings in its CLI dashboard, or Sandwalker which tracks historical rewards by day and month.

Why don’t I just connect my Pocket node to [insert third-party provider here]?

On the surface, this seems like a great idea. Use a free tier of another service (e.g. Infura) and you don’t have to pay for any blockchain data node costs.

First off, free tiers by third-party providers are capped, which limits your upside. To make matters worse, if you use a third-party provider instead of running your own blockchain data node, you won’t make enough POKT to cover the server costs of your Pocket node.

Plus, that doesn’t jive with our ethos now, does it?

Why wouldn’t I make enough POKT with a third-party?

Using third-party providers slows you down. Slower nodes make less revenue.

Why does the third-party slow you down? Increasing the distance between your Pocket node and the third-party blockchain data node increases the number and length of hops that an end-user’s request has to make.

Here is an illustration:

In this example, the Pocket nodes (pink) are on the other side of the US from the Blockchain data nodes (orange). The end-user is using the Portal to communicate with the network. The path the end-user’s request must take is: End-user β†’ Portal β†’ Pocket Node β†’ Blockchain Data Node β†’ Pocket Node β†’ Portal β†’ End-user

The end-user’s request must hop back and forth across the US 4 times and that’s not including the hops between the user and the Portal. As a result, it may take up to 1 second for a user to receive something as simple as a balance query. That’s not very good service.

Aren’t there data centers around the world for this exact reason?

Correct. However, this works against you in this scenario.

Most third-party providers will have their servers in standard cloud regions situated around the world labeled such as East, West, EU, and Singapore. Load balancers are standard. For example, if a user is in Australia, they will be redirected to the nearest server in Singapore.

The challenge with using a third-party provider for your blockchain data node is that, by default, your Pocket Node will not always be in the same data center or machine as the third-party blockchain data node. If your Pocket Node is in US West, while you may have lesser latency from users who are hitting those servers, your node will never be as fast as it could be.

Your node will likely be in a different datacenter, where even a couple of hops will add somewhere between 30ms - 50ms. This becomes exacerbated when a user is coming from US East or the EU. With a full node on US West, you’re adding up to 200ms per request for these users.

Why does the latency matter?

While Pocket Network doesn’t discriminate (yet) between the speed of requests, the Portal does. The Portal filters out slow nodes to ensure the protocol is providing the best service possible to apps.

The vast majority of the requests on the network today come through the Portal. This means that faster nodes = more POKT.

In the long run, your setup matters not only for your earnings but also for ensuring a quality service for end-users (which will ultimately be crucial for the growth of the network).

Then how can I maximize my node revenue?

The following are some best practices that will give you an edge over the majority of node runners.

  • Know where the users are located… and locate your nodes accordingly. The Pocket Portal is currently in US-West-2, US-East-2, EU-West-1, AP-SE-1. The most underserved geographic area on Pocket is currently the Asia Pacific region.
  • Minimize the distance between your Pocket Nodes and your blockchain data nodes. Having your blockchain data nodes next to your Pocket nodes in the same rack is ideal.
  • Load-balance your blockchain data nodes.
  • Use a Peering Tower to reduce P2P gossip on the network. Visit the πŸ€–node-runner channel on Discord for more information.
  • Use physical hardware at home or data centers; you will have faster nodes and lower costs over time by owning your hardware and co-locating it.
  • Monitor your nodes for both health and sync – being online is only the first step, you must keep your blockchain data nodes in sync or they will not service relays.
  • Use services like the Performance Explorer to monitor your node’s performance in comparison to other nodes.