1494 lines
52 KiB
Nim
1494 lines
52 KiB
Nim
# beacon_chain
|
|
# Copyright (c) 2018-2024 Status Research & Development GmbH
|
|
# Licensed and distributed under either of
|
|
# * MIT license (license terms in the root directory or at https://opensource.org/licenses/MIT).
|
|
# * Apache v2 license (license terms in the root directory or at https://www.apache.org/licenses/LICENSE-2.0).
|
|
# at your option. This file may not be copied, modified, or distributed except according to those terms.
|
|
|
|
{.push raises: [].}
|
|
|
|
import
|
|
std/[options, unicode, uri],
|
|
metrics,
|
|
|
|
chronicles, chronicles/options as chroniclesOptions,
|
|
confutils, confutils/defs, confutils/std/net,
|
|
confutils/toml/defs as confTomlDefs,
|
|
confutils/toml/std/net as confTomlNet,
|
|
confutils/toml/std/uri as confTomlUri,
|
|
serialization/errors, stew/shims/net as stewNet,
|
|
stew/[io2, byteutils], unicodedb/properties, normalize,
|
|
eth/common/eth_types as commonEthTypes, eth/net/nat,
|
|
eth/p2p/discoveryv5/enr,
|
|
json_serialization, web3/[primitives, confutils_defs],
|
|
kzg4844/kzg_ex,
|
|
./spec/[engine_authentication, keystore, network, crypto],
|
|
./spec/datatypes/base,
|
|
./networking/network_metadata,
|
|
./validators/slashing_protection_common,
|
|
./el/el_conf,
|
|
./filepath
|
|
|
|
from std/os import getHomeDir, parentDir, `/`
|
|
from std/strutils import parseBiggestUInt, replace
|
|
from fork_choice/fork_choice_types
|
|
import ForkChoiceVersion
|
|
from consensus_object_pools/block_pools_types_light_client
|
|
import LightClientDataImportMode
|
|
|
|
export
|
|
uri, nat, enr,
|
|
defaultEth2TcpPort, enabledLogLevel,
|
|
defs, parseCmdArg, completeCmdArg, network_metadata,
|
|
el_conf, network, BlockHashOrNumber,
|
|
confTomlDefs, confTomlNet, confTomlUri,
|
|
LightClientDataImportMode
|
|
|
|
declareGauge network_name, "network name", ["name"]
|
|
|
|
const
|
|
# TODO: How should we select between IPv4 and IPv6
|
|
# Maybe there should be a config option for this.
|
|
defaultListenAddress* = (static parseIpAddress("0.0.0.0"))
|
|
defaultAdminListenAddress* = (static parseIpAddress("127.0.0.1"))
|
|
defaultSigningNodeRequestTimeout* = 60
|
|
defaultBeaconNode* = "http://127.0.0.1:" & $defaultEth2RestPort
|
|
defaultBeaconNodeUri* = parseUri(defaultBeaconNode)
|
|
defaultGasLimit* = 30_000_000
|
|
|
|
defaultListenAddressDesc* = $defaultListenAddress
|
|
defaultAdminListenAddressDesc* = $defaultAdminListenAddress
|
|
defaultBeaconNodeDesc = $defaultBeaconNode
|
|
|
|
when defined(windows):
|
|
{.pragma: windowsOnly.}
|
|
{.pragma: posixOnly, hidden.}
|
|
else:
|
|
{.pragma: windowsOnly, hidden.}
|
|
{.pragma: posixOnly.}
|
|
|
|
type
|
|
BNStartUpCmd* {.pure.} = enum
|
|
noCommand
|
|
deposits
|
|
wallets
|
|
record
|
|
web3
|
|
slashingdb
|
|
trustedNodeSync
|
|
|
|
WalletsCmd* {.pure.} = enum
|
|
create = "Creates a new EIP-2386 wallet"
|
|
restore = "Restores a wallet from cold storage"
|
|
list = "Lists details about all wallets"
|
|
|
|
DepositsCmd* {.pure.} = enum
|
|
createTestnetDeposits = "Creates validator keystores and deposits for testnet usage"
|
|
`import` = "Imports password-protected keystores interactively"
|
|
# status = "Displays status information about all deposits"
|
|
exit = "Submits a validator voluntary exit"
|
|
|
|
SNStartUpCmd* = enum
|
|
SNNoCommand
|
|
|
|
RecordCmd* {.pure.} = enum
|
|
create = "Create a new ENR"
|
|
print = "Print the content of a given ENR"
|
|
|
|
Web3Cmd* {.pure.} = enum
|
|
test = "Test a web3 provider"
|
|
|
|
SlashingDbKind* {.pure.} = enum
|
|
v1
|
|
v2
|
|
both
|
|
|
|
StdoutLogKind* {.pure.} = enum
|
|
Auto = "auto"
|
|
Colors = "colors"
|
|
NoColors = "nocolors"
|
|
Json = "json"
|
|
None = "none"
|
|
|
|
HistoryMode* {.pure.} = enum
|
|
Archive = "archive"
|
|
Prune = "prune"
|
|
|
|
SlashProtCmd* = enum
|
|
`import` = "Import a EIP-3076 slashing protection interchange file"
|
|
`export` = "Export a EIP-3076 slashing protection interchange file"
|
|
# migrateAll = "Export and remove the whole validator slashing protection DB."
|
|
# migrate = "Export and remove specified validators from Nimbus."
|
|
|
|
ImportMethod* {.pure.} = enum
|
|
Normal = "normal"
|
|
SingleSalt = "single-salt"
|
|
|
|
BlockMonitoringType* {.pure.} = enum
|
|
Disabled = "disabled"
|
|
Poll = "poll"
|
|
Event = "event"
|
|
|
|
Web3SignerUrl* = object
|
|
url*: Uri
|
|
provenBlockProperties*: seq[string] # empty if this is not a verifying Web3Signer
|
|
|
|
BeaconNodeConf* = object
|
|
configFile* {.
|
|
desc: "Loads the configuration from a TOML file"
|
|
name: "config-file" .}: Option[InputFile]
|
|
|
|
logLevel* {.
|
|
desc: "Sets the log level for process and topics (e.g. \"DEBUG; TRACE:discv5,libp2p; REQUIRED:none; DISABLED:none\")"
|
|
defaultValue: "INFO"
|
|
name: "log-level" .}: string
|
|
|
|
logStdout* {.
|
|
hidden
|
|
desc: "Specifies what kind of logs should be written to stdout (auto, colors, nocolors, json)"
|
|
defaultValueDesc: "auto"
|
|
defaultValue: StdoutLogKind.Auto
|
|
name: "log-format" .}: StdoutLogKind
|
|
|
|
logFile* {.
|
|
desc: "Specifies a path for the written JSON log file (deprecated)"
|
|
name: "log-file" .}: Option[OutFile]
|
|
|
|
eth2Network* {.
|
|
desc: "The Eth2 network to join"
|
|
defaultValueDesc: "mainnet"
|
|
name: "network" .}: Option[string]
|
|
|
|
dataDir* {.
|
|
desc: "The directory where nimbus will store all blockchain data"
|
|
defaultValue: config.defaultDataDir()
|
|
defaultValueDesc: ""
|
|
abbr: "d"
|
|
name: "data-dir" .}: OutDir
|
|
|
|
validatorsDirFlag* {.
|
|
desc: "A directory containing validator keystores"
|
|
name: "validators-dir" .}: Option[InputDir]
|
|
|
|
verifyingWeb3Signers* {.
|
|
desc: "Remote Web3Signer URL that will be used as a source of validators"
|
|
name: "verifying-web3-signer-url" .}: seq[Uri]
|
|
|
|
provenBlockProperties* {.
|
|
desc: "The field path of a block property that will be sent for verification to the verifying Web3Signer (for example \".execution_payload.fee_recipient\")"
|
|
name: "proven-block-property" .}: seq[string]
|
|
|
|
web3Signers* {.
|
|
desc: "Remote Web3Signer URL that will be used as a source of validators"
|
|
name: "web3-signer-url" .}: seq[Uri]
|
|
|
|
web3signerUpdateInterval* {.
|
|
desc: "Number of seconds between validator list updates"
|
|
name: "web3-signer-update-interval"
|
|
defaultValue: 3600 .}: Natural
|
|
|
|
secretsDirFlag* {.
|
|
desc: "A directory containing validator keystore passwords"
|
|
name: "secrets-dir" .}: Option[InputDir]
|
|
|
|
walletsDirFlag* {.
|
|
desc: "A directory containing wallet files"
|
|
name: "wallets-dir" .}: Option[InputDir]
|
|
|
|
eraDirFlag* {.
|
|
hidden
|
|
desc: "A directory containing era files"
|
|
name: "era-dir" .}: Option[InputDir]
|
|
|
|
web3ForcePolling* {.
|
|
hidden
|
|
desc: "Force the use of polling when determining the head block of Eth1 (obsolete)"
|
|
name: "web3-force-polling" .}: Option[bool]
|
|
|
|
web3Urls* {.
|
|
desc: "One or more execution layer Engine API URLs"
|
|
name: "web3-url" .}: seq[EngineApiUrlConfigValue]
|
|
|
|
elUrls* {.
|
|
desc: "One or more execution layer Engine API URLs"
|
|
name: "el" .}: seq[EngineApiUrlConfigValue]
|
|
|
|
noEl* {.
|
|
defaultValue: false
|
|
desc: "Don't use an EL. The node will remain optimistically synced and won't be able to perform validator duties"
|
|
name: "no-el" .}: bool
|
|
|
|
optimistic* {.
|
|
hidden # deprecated > 22.12
|
|
desc: "Run the node in optimistic mode, allowing it to optimistically sync without an execution client (flag deprecated, always on)"
|
|
name: "optimistic".}: Option[bool]
|
|
|
|
requireEngineAPI* {.
|
|
hidden # Deprecated > 22.9
|
|
desc: "Require Nimbus to be configured with an Engine API end-point after the Bellatrix fork epoch"
|
|
name: "require-engine-api-in-bellatrix" .}: Option[bool]
|
|
|
|
nonInteractive* {.
|
|
desc: "Do not display interactive prompts. Quit on missing configuration"
|
|
name: "non-interactive" .}: bool
|
|
|
|
netKeyFile* {.
|
|
desc: "Source of network (secp256k1) private key file " &
|
|
"(random|<path>)"
|
|
defaultValue: "random",
|
|
name: "netkey-file" .}: string
|
|
|
|
netKeyInsecurePassword* {.
|
|
desc: "Use pre-generated INSECURE password for network private key file"
|
|
defaultValue: false,
|
|
name: "insecure-netkey-password" .}: bool
|
|
|
|
agentString* {.
|
|
defaultValue: "nimbus",
|
|
desc: "Node agent string which is used as identifier in network"
|
|
name: "agent-string" .}: string
|
|
|
|
subscribeAllSubnets* {.
|
|
defaultValue: false,
|
|
desc: "Subscribe to all subnet topics when gossiping"
|
|
name: "subscribe-all-subnets" .}: bool
|
|
|
|
slashingDbKind* {.
|
|
hidden
|
|
defaultValue: SlashingDbKind.v2
|
|
desc: "The slashing DB flavour to use"
|
|
name: "slashing-db-kind" .}: SlashingDbKind
|
|
|
|
numThreads* {.
|
|
defaultValue: 0,
|
|
desc: "Number of worker threads (\"0\" = use as many threads as there are CPU cores available)"
|
|
name: "num-threads" .}: int
|
|
|
|
# https://github.com/ethereum/execution-apis/blob/v1.0.0-beta.3/src/engine/authentication.md#key-distribution
|
|
jwtSecret* {.
|
|
desc: "A file containing the hex-encoded 256 bit secret key to be used for verifying/generating JWT tokens"
|
|
name: "jwt-secret" .}: Option[InputFile]
|
|
|
|
case cmd* {.
|
|
command
|
|
defaultValue: BNStartUpCmd.noCommand .}: BNStartUpCmd
|
|
|
|
of BNStartUpCmd.noCommand:
|
|
runAsServiceFlag* {.
|
|
windowsOnly
|
|
defaultValue: false,
|
|
desc: "Run as a Windows service"
|
|
name: "run-as-service" .}: bool
|
|
|
|
bootstrapNodes* {.
|
|
desc: "Specifies one or more bootstrap nodes to use when connecting to the network"
|
|
abbr: "b"
|
|
name: "bootstrap-node" .}: seq[string]
|
|
|
|
bootstrapNodesFile* {.
|
|
desc: "Specifies a line-delimited file of bootstrap Ethereum network addresses"
|
|
defaultValue: ""
|
|
name: "bootstrap-file" .}: InputFile
|
|
|
|
listenAddress* {.
|
|
desc: "Listening address for the Ethereum LibP2P and Discovery v5 traffic"
|
|
defaultValue: defaultListenAddress
|
|
defaultValueDesc: $defaultListenAddressDesc
|
|
name: "listen-address" .}: IpAddress
|
|
|
|
tcpPort* {.
|
|
desc: "Listening TCP port for Ethereum LibP2P traffic"
|
|
defaultValue: defaultEth2TcpPort
|
|
defaultValueDesc: $defaultEth2TcpPortDesc
|
|
name: "tcp-port" .}: Port
|
|
|
|
udpPort* {.
|
|
desc: "Listening UDP port for node discovery"
|
|
defaultValue: defaultEth2TcpPort
|
|
defaultValueDesc: $defaultEth2TcpPortDesc
|
|
name: "udp-port" .}: Port
|
|
|
|
maxPeers* {.
|
|
desc: "The target number of peers to connect to"
|
|
defaultValue: 160 # 5 (fanout) * 64 (subnets) / 2 (subs) for a heathy mesh
|
|
name: "max-peers" .}: int
|
|
|
|
hardMaxPeers* {.
|
|
desc: "The maximum number of peers to connect to. Defaults to maxPeers * 1.5"
|
|
name: "hard-max-peers" .}: Option[int]
|
|
|
|
nat* {.
|
|
desc: "Specify method to use for determining public address. " &
|
|
"Must be one of: any, none, upnp, pmp, extip:<IP>"
|
|
defaultValue: NatConfig(hasExtIp: false, nat: NatAny)
|
|
defaultValueDesc: "any"
|
|
name: "nat" .}: NatConfig
|
|
|
|
enrAutoUpdate* {.
|
|
desc: "Discovery can automatically update its ENR with the IP address " &
|
|
"and UDP port as seen by other nodes it communicates with. " &
|
|
"This option allows to enable/disable this functionality"
|
|
defaultValue: false
|
|
name: "enr-auto-update" .}: bool
|
|
|
|
enableYamux* {.
|
|
hidden
|
|
desc: "Enable the Yamux multiplexer"
|
|
defaultValue: false
|
|
name: "enable-yamux" .}: bool
|
|
|
|
weakSubjectivityCheckpoint* {.
|
|
desc: "Weak subjectivity checkpoint in the format block_root:epoch_number"
|
|
name: "weak-subjectivity-checkpoint" .}: Option[Checkpoint]
|
|
|
|
externalBeaconApiUrl* {.
|
|
desc: "External beacon API to use for syncing (on empty database)"
|
|
name: "external-beacon-api-url" .}: Option[string]
|
|
|
|
syncLightClient* {.
|
|
desc: "Accelerate sync using light client"
|
|
defaultValue: true
|
|
name: "sync-light-client" .}: bool
|
|
|
|
trustedBlockRoot* {.
|
|
desc: "Recent trusted finalized block root to sync from external " &
|
|
"beacon API (with `--external-beacon-api-url`). " &
|
|
"Uses the light client sync protocol to obtain the latest " &
|
|
"finalized checkpoint (LC is initialized from trusted block root)"
|
|
name: "trusted-block-root" .}: Option[Eth2Digest]
|
|
|
|
trustedStateRoot* {.
|
|
desc: "Recent trusted finalized state root to sync from external " &
|
|
"beacon API (with `--external-beacon-api-url`)"
|
|
name: "trusted-state-root" .}: Option[Eth2Digest]
|
|
|
|
finalizedCheckpointState* {.
|
|
desc: "SSZ file specifying a recent finalized state"
|
|
name: "finalized-checkpoint-state" .}: Option[InputFile]
|
|
|
|
genesisState* {.
|
|
desc: "SSZ file specifying the genesis state of the network (for networks without a built-in genesis state)"
|
|
name: "genesis-state" .}: Option[InputFile]
|
|
|
|
genesisStateUrl* {.
|
|
desc: "URL for obtaining the genesis state of the network (for networks without a built-in genesis state)"
|
|
name: "genesis-state-url" .}: Option[Uri]
|
|
|
|
finalizedDepositTreeSnapshot* {.
|
|
desc: "SSZ file specifying a recent finalized EIP-4881 deposit tree snapshot"
|
|
name: "finalized-deposit-tree-snapshot" .}: Option[InputFile]
|
|
|
|
finalizedCheckpointBlock* {.
|
|
hidden
|
|
desc: "SSZ file specifying a recent finalized block"
|
|
name: "finalized-checkpoint-block" .}: Option[InputFile]
|
|
|
|
nodeName* {.
|
|
desc: "A name for this node that will appear in the logs. " &
|
|
"If you set this to 'auto', a persistent automatically generated ID will be selected for each --data-dir folder"
|
|
defaultValue: ""
|
|
name: "node-name" .}: string
|
|
|
|
graffiti* {.
|
|
desc: "The graffiti value that will appear in proposed blocks. " &
|
|
"You can use a 0x-prefixed hex encoded string to specify raw bytes"
|
|
name: "graffiti" .}: Option[GraffitiBytes]
|
|
|
|
strictVerification* {.
|
|
hidden
|
|
desc: "Specify whether to verify finalization occurs on schedule (debug only)"
|
|
defaultValue: false
|
|
name: "verify-finalization" .}: bool
|
|
|
|
stopAtEpoch* {.
|
|
hidden
|
|
desc: "The wall-time epoch at which to exit the program. (for testing purposes)"
|
|
defaultValue: 0
|
|
name: "debug-stop-at-epoch" .}: uint64
|
|
|
|
stopAtSyncedEpoch* {.
|
|
hidden
|
|
desc: "The synced epoch at which to exit the program. (for testing purposes)"
|
|
defaultValue: 0
|
|
name: "stop-at-synced-epoch" .}: uint64
|
|
|
|
metricsEnabled* {.
|
|
desc: "Enable the metrics server"
|
|
defaultValue: false
|
|
name: "metrics" .}: bool
|
|
|
|
metricsAddress* {.
|
|
desc: "Listening address of the metrics server"
|
|
defaultValue: defaultAdminListenAddress
|
|
defaultValueDesc: $defaultAdminListenAddressDesc
|
|
name: "metrics-address" .}: IpAddress
|
|
|
|
metricsPort* {.
|
|
desc: "Listening HTTP port of the metrics server"
|
|
defaultValue: 8008
|
|
name: "metrics-port" .}: Port
|
|
|
|
statusBarEnabled* {.
|
|
posixOnly
|
|
desc: "Display a status bar at the bottom of the terminal screen"
|
|
defaultValue: true
|
|
name: "status-bar" .}: bool
|
|
|
|
statusBarContents* {.
|
|
posixOnly
|
|
desc: "Textual template for the contents of the status bar"
|
|
defaultValue: "peers: $connected_peers;" &
|
|
"finalized: $finalized_root:$finalized_epoch;" &
|
|
"head: $head_root:$head_epoch:$head_epoch_slot$next_consensus_fork;" &
|
|
"time: $epoch:$epoch_slot ($slot);" &
|
|
"sync: $sync_status|" &
|
|
"ETH: $attached_validators_balance"
|
|
defaultValueDesc: ""
|
|
name: "status-bar-contents" .}: string
|
|
|
|
rpcEnabled* {.
|
|
# Deprecated > 1.7.0
|
|
hidden
|
|
desc: "Deprecated for removal"
|
|
name: "rpc" .}: Option[bool]
|
|
|
|
rpcPort* {.
|
|
# Deprecated > 1.7.0
|
|
hidden
|
|
desc: "Deprecated for removal"
|
|
name: "rpc-port" .}: Option[Port]
|
|
|
|
rpcAddress* {.
|
|
# Deprecated > 1.7.0
|
|
hidden
|
|
desc: "Deprecated for removal"
|
|
name: "rpc-address" .}: Option[IpAddress]
|
|
|
|
restEnabled* {.
|
|
desc: "Enable the REST server"
|
|
defaultValue: false
|
|
name: "rest" .}: bool
|
|
|
|
restPort* {.
|
|
desc: "Port for the REST server"
|
|
defaultValue: defaultEth2RestPort
|
|
defaultValueDesc: $defaultEth2RestPortDesc
|
|
name: "rest-port" .}: Port
|
|
|
|
restAddress* {.
|
|
desc: "Listening address of the REST server"
|
|
defaultValue: defaultAdminListenAddress
|
|
defaultValueDesc: $defaultAdminListenAddressDesc
|
|
name: "rest-address" .}: IpAddress
|
|
|
|
restAllowedOrigin* {.
|
|
desc: "Limit the access to the REST API to a particular hostname " &
|
|
"(for CORS-enabled clients such as browsers)"
|
|
name: "rest-allow-origin" .}: Option[string]
|
|
|
|
restCacheSize* {.
|
|
defaultValue: 3
|
|
desc: "The maximum number of recently accessed states that are kept in " &
|
|
"memory. Speeds up requests obtaining information for consecutive " &
|
|
"slots or epochs."
|
|
name: "rest-statecache-size" .}: Natural
|
|
|
|
restCacheTtl* {.
|
|
defaultValue: 60
|
|
desc: "The number of seconds to keep recently accessed states in memory"
|
|
name: "rest-statecache-ttl" .}: Natural
|
|
|
|
restRequestTimeout* {.
|
|
defaultValue: 0
|
|
defaultValueDesc: "infinite"
|
|
desc: "The number of seconds to wait until complete REST request " &
|
|
"will be received"
|
|
name: "rest-request-timeout" .}: Natural
|
|
|
|
restMaxRequestBodySize* {.
|
|
defaultValue: 16_384
|
|
desc: "Maximum size of REST request body (kilobytes)"
|
|
name: "rest-max-body-size" .}: Natural
|
|
|
|
restMaxRequestHeadersSize* {.
|
|
defaultValue: 128
|
|
desc: "Maximum size of REST request headers (kilobytes)"
|
|
name: "rest-max-headers-size" .}: Natural
|
|
## NOTE: If you going to adjust this value please check value
|
|
## ``ClientMaximumValidatorIds`` and comments in
|
|
## `spec/eth2_apis/rest_types.nim`. This values depend on each other.
|
|
|
|
keymanagerEnabled* {.
|
|
desc: "Enable the REST keymanager API"
|
|
defaultValue: false
|
|
name: "keymanager" .}: bool
|
|
|
|
keymanagerPort* {.
|
|
desc: "Listening port for the REST keymanager API"
|
|
defaultValue: defaultEth2RestPort
|
|
defaultValueDesc: $defaultEth2RestPortDesc
|
|
name: "keymanager-port" .}: Port
|
|
|
|
keymanagerAddress* {.
|
|
desc: "Listening port for the REST keymanager API"
|
|
defaultValue: defaultAdminListenAddress
|
|
defaultValueDesc: $defaultAdminListenAddressDesc
|
|
name: "keymanager-address" .}: IpAddress
|
|
|
|
keymanagerAllowedOrigin* {.
|
|
desc: "Limit the access to the Keymanager API to a particular hostname " &
|
|
"(for CORS-enabled clients such as browsers)"
|
|
name: "keymanager-allow-origin" .}: Option[string]
|
|
|
|
keymanagerTokenFile* {.
|
|
desc: "A file specifying the authorization token required for accessing the keymanager API"
|
|
name: "keymanager-token-file" .}: Option[InputFile]
|
|
|
|
lightClientDataServe* {.
|
|
desc: "Serve data for enabling light clients to stay in sync with the network"
|
|
defaultValue: true
|
|
name: "light-client-data-serve" .}: bool
|
|
|
|
lightClientDataImportMode* {.
|
|
desc: "Which classes of light client data to import. " &
|
|
"Must be one of: none, only-new, full (slow startup), on-demand (may miss validator duties)"
|
|
defaultValue: LightClientDataImportMode.OnlyNew
|
|
defaultValueDesc: $LightClientDataImportMode.OnlyNew
|
|
name: "light-client-data-import-mode" .}: LightClientDataImportMode
|
|
|
|
lightClientDataMaxPeriods* {.
|
|
desc: "Maximum number of sync committee periods to retain light client data"
|
|
name: "light-client-data-max-periods" .}: Option[uint64]
|
|
|
|
inProcessValidators* {.
|
|
desc: "Disable the push model (the beacon node tells a signing process with the private keys of the validators what to sign and when) and load the validators in the beacon node itself"
|
|
defaultValue: true # the use of the nimbus_signing_process binary by default will be delayed until async I/O over stdin/stdout is developed for the child process.
|
|
name: "in-process-validators" .}: bool
|
|
|
|
discv5Enabled* {.
|
|
desc: "Enable Discovery v5"
|
|
defaultValue: true
|
|
name: "discv5" .}: bool
|
|
|
|
dumpEnabled* {.
|
|
desc: "Write SSZ dumps of blocks, attestations and states to data dir"
|
|
defaultValue: false
|
|
name: "dump" .}: bool
|
|
|
|
directPeers* {.
|
|
desc: "The list of privileged, secure and known peers to connect and maintain the connection to. This requires a not random netkey-file. In the multiaddress format like: /ip4/<address>/tcp/<port>/p2p/<peerId-public-key>, or enr format (enr:-xx). Peering agreements are established out of band and must be reciprocal"
|
|
name: "direct-peer" .}: seq[string]
|
|
|
|
doppelgangerDetection* {.
|
|
desc: "If enabled, the beacon node prudently listens for 2 epochs for attestations from a validator with the same index (a doppelganger), before sending an attestation itself. This protects against slashing (due to double-voting) but means you will miss two attestations when restarting."
|
|
defaultValue: true
|
|
name: "doppelganger-detection" .}: bool
|
|
|
|
syncHorizon* {.
|
|
hidden
|
|
desc: "Number of empty slots to process before considering the client out of sync"
|
|
defaultValue: MaxEmptySlotCount
|
|
defaultValueDesc: "50"
|
|
name: "sync-horizon" .}: uint64
|
|
|
|
terminalTotalDifficultyOverride* {.
|
|
hidden
|
|
desc: "Deprecated for removal"
|
|
name: "terminal-total-difficulty-override" .}: Option[string]
|
|
|
|
validatorMonitorAuto* {.
|
|
desc: "Monitor validator activity automatically for validators active on this beacon node"
|
|
defaultValue: true
|
|
name: "validator-monitor-auto" .}: bool
|
|
|
|
validatorMonitorPubkeys* {.
|
|
desc: "One or more validators to monitor - works best when --subscribe-all-subnets is enabled"
|
|
name: "validator-monitor-pubkey" .}: seq[ValidatorPubKey]
|
|
|
|
validatorMonitorDetails* {.
|
|
desc: "Publish detailed metrics for each validator individually - may incur significant overhead with large numbers of validators"
|
|
defaultValue: false
|
|
name: "validator-monitor-details" .}: bool
|
|
|
|
validatorMonitorTotals* {.
|
|
hidden
|
|
desc: "Deprecated in favour of --validator-monitor-details"
|
|
name: "validator-monitor-totals" .}: Option[bool]
|
|
|
|
safeSlotsToImportOptimistically* {.
|
|
# Never unhidden or documented, and deprecated > 22.9.1
|
|
hidden
|
|
desc: "Deprecated for removal"
|
|
name: "safe-slots-to-import-optimistically" .}: Option[uint16]
|
|
|
|
# Same option as appears in Lighthouse and Prysm
|
|
# https://lighthouse-book.sigmaprime.io/suggested-fee-recipient.html
|
|
# https://github.com/prysmaticlabs/prysm/pull/10312
|
|
suggestedFeeRecipient* {.
|
|
desc: "Suggested fee recipient"
|
|
name: "suggested-fee-recipient" .}: Option[Address]
|
|
|
|
suggestedGasLimit* {.
|
|
desc: "Suggested gas limit"
|
|
defaultValue: defaultGasLimit
|
|
name: "suggested-gas-limit" .}: uint64
|
|
|
|
payloadBuilderEnable* {.
|
|
desc: "Enable external payload builder"
|
|
defaultValue: false
|
|
name: "payload-builder" .}: bool
|
|
|
|
payloadBuilderUrl* {.
|
|
desc: "Payload builder URL"
|
|
defaultValue: ""
|
|
name: "payload-builder-url" .}: string
|
|
|
|
# Flag name and semantics borrowed from Prysm
|
|
# https://github.com/prysmaticlabs/prysm/pull/12227/files
|
|
localBlockValueBoost* {.
|
|
desc: "Increase execution layer block values for builder bid comparison by a percentage"
|
|
defaultValue: 0
|
|
name: "local-block-value-boost" .}: uint8
|
|
|
|
historyMode* {.
|
|
desc: "Retention strategy for historical data (archive/prune)"
|
|
defaultValue: HistoryMode.Prune
|
|
name: "history".}: HistoryMode
|
|
|
|
# https://notes.ethereum.org/@bbusa/dencun-devnet-6
|
|
# "Please ensure that there is a way for us to specify the file through a
|
|
# runtime flag such as --trusted-setup-file (or similar)."
|
|
trustedSetupFile* {.
|
|
hidden
|
|
desc: "Experimental, debug option; could disappear at any time without warning"
|
|
name: "temporary-debug-trusted-setup-file" .}: Option[string]
|
|
|
|
bandwidthEstimate* {.
|
|
hidden
|
|
desc: "Bandwidth estimate for the node (bits per second)"
|
|
name: "debug-bandwidth-estimate" .}: Option[Natural]
|
|
|
|
forkChoiceVersion* {.
|
|
hidden
|
|
desc: "Forkchoice version to use. " &
|
|
"Must be one of: stable"
|
|
name: "debug-forkchoice-version" .}: Option[ForkChoiceVersion]
|
|
|
|
of BNStartUpCmd.wallets:
|
|
case walletsCmd* {.command.}: WalletsCmd
|
|
of WalletsCmd.create:
|
|
nextAccount* {.
|
|
desc: "Initial value for the 'nextaccount' property of the wallet"
|
|
name: "next-account" .}: Option[Natural]
|
|
|
|
createdWalletNameFlag* {.
|
|
desc: "An easy-to-remember name for the wallet of your choice"
|
|
name: "name" .}: Option[WalletName]
|
|
|
|
createdWalletFileFlag* {.
|
|
desc: "Output wallet file"
|
|
name: "out" .}: Option[OutFile]
|
|
|
|
of WalletsCmd.restore:
|
|
restoredWalletNameFlag* {.
|
|
desc: "An easy-to-remember name for the wallet of your choice"
|
|
name: "name" .}: Option[WalletName]
|
|
|
|
restoredWalletFileFlag* {.
|
|
desc: "Output wallet file"
|
|
name: "out" .}: Option[OutFile]
|
|
|
|
restoredDepositsCount* {.
|
|
desc: "Expected number of deposits to recover. If not specified, " &
|
|
"Nimbus will try to guess the number by inspecting the latest " &
|
|
"beacon state"
|
|
name: "deposits".}: Option[Natural]
|
|
|
|
of WalletsCmd.list:
|
|
discard
|
|
|
|
of BNStartUpCmd.deposits:
|
|
case depositsCmd* {.command.}: DepositsCmd
|
|
of DepositsCmd.createTestnetDeposits:
|
|
totalDeposits* {.
|
|
desc: "Number of deposits to generate"
|
|
defaultValue: 1
|
|
name: "count" .}: int
|
|
|
|
existingWalletId* {.
|
|
desc: "An existing wallet ID. If not specified, a new wallet will be created"
|
|
name: "wallet" .}: Option[WalletName]
|
|
|
|
outValidatorsDir* {.
|
|
desc: "Output folder for validator keystores"
|
|
defaultValue: "validators"
|
|
name: "out-validators-dir" .}: string
|
|
|
|
outSecretsDir* {.
|
|
desc: "Output folder for randomly generated keystore passphrases"
|
|
defaultValue: "secrets"
|
|
name: "out-secrets-dir" .}: string
|
|
|
|
outDepositsFile* {.
|
|
desc: "The name of generated deposits file"
|
|
name: "out-deposits-file" .}: Option[OutFile]
|
|
|
|
newWalletNameFlag* {.
|
|
desc: "An easy-to-remember name for the wallet of your choice"
|
|
name: "new-wallet-name" .}: Option[WalletName]
|
|
|
|
newWalletFileFlag* {.
|
|
desc: "Output wallet file"
|
|
name: "new-wallet-file" .}: Option[OutFile]
|
|
|
|
#[
|
|
of DepositsCmd.status:
|
|
discard
|
|
]#
|
|
|
|
of DepositsCmd.`import`:
|
|
importedDepositsDir* {.
|
|
argument
|
|
desc: "A directory with keystores to import" .}: Option[InputDir]
|
|
|
|
importMethod* {.
|
|
desc: "Specifies which import method will be used (" &
|
|
"normal, single-salt)"
|
|
defaultValue: ImportMethod.Normal
|
|
name: "method" .}: ImportMethod
|
|
|
|
of DepositsCmd.exit:
|
|
exitedValidators* {.
|
|
desc: "One or more validator index, public key or a keystore path of " &
|
|
"the exited validator(s)"
|
|
name: "validator" .}: seq[string]
|
|
|
|
exitAllValidatorsFlag* {.
|
|
desc: "Exit all validators in the specified data directory or validators directory"
|
|
defaultValue: false
|
|
name: "all" .}: bool
|
|
|
|
exitAtEpoch* {.
|
|
name: "epoch"
|
|
defaultValueDesc: "immediately"
|
|
desc: "The desired exit epoch" .}: Option[uint64]
|
|
|
|
restUrlForExit* {.
|
|
desc: "URL of the beacon node REST service"
|
|
defaultValue: defaultBeaconNode
|
|
defaultValueDesc: $defaultBeaconNodeDesc
|
|
name: "rest-url" .}: string
|
|
|
|
printData* {.
|
|
desc: "Print signed exit message instead of publishing it"
|
|
defaultValue: false
|
|
name: "print" .}: bool
|
|
|
|
of BNStartUpCmd.record:
|
|
case recordCmd* {.command.}: RecordCmd
|
|
of RecordCmd.create:
|
|
ipExt* {.
|
|
desc: "External IP address"
|
|
name: "ip" .}: IpAddress
|
|
|
|
tcpPortExt* {.
|
|
desc: "External TCP port"
|
|
name: "tcp-port" .}: Port
|
|
|
|
udpPortExt* {.
|
|
desc: "External UDP port"
|
|
name: "udp-port" .}: Port
|
|
|
|
seqNumber* {.
|
|
desc: "Record sequence number"
|
|
defaultValue: 1,
|
|
name: "seq-number" .}: uint
|
|
|
|
fields* {.
|
|
desc: "Additional record key pairs, provide as <string>:<bytes in hex>"
|
|
name: "field" .}: seq[(string)]
|
|
|
|
of RecordCmd.print:
|
|
recordPrint* {.
|
|
argument
|
|
desc: "ENR URI of the record to print"
|
|
name: "enr" .}: Record
|
|
|
|
of BNStartUpCmd.web3:
|
|
case web3Cmd* {.command.}: Web3Cmd
|
|
of Web3Cmd.test:
|
|
web3TestUrl* {.
|
|
argument
|
|
desc: "The web3 provider URL to test"
|
|
name: "url" .}: Uri
|
|
|
|
of BNStartUpCmd.slashingdb:
|
|
case slashingdbCmd* {.command.}: SlashProtCmd
|
|
of SlashProtCmd.`import`:
|
|
importedInterchangeFile* {.
|
|
desc: "EIP-3076 slashing protection interchange file to import"
|
|
argument .}: InputFile
|
|
of SlashProtCmd.`export`:
|
|
exportedValidators* {.
|
|
desc: "Limit the export to specific validators " &
|
|
"(specified as numeric indices or public keys)"
|
|
abbr: "v"
|
|
name: "validator" .}: seq[PubKey0x]
|
|
exportedInterchangeFile* {.
|
|
desc: "EIP-3076 slashing protection interchange file to export"
|
|
argument .}: OutFile
|
|
|
|
of BNStartUpCmd.trustedNodeSync:
|
|
trustedNodeUrl* {.
|
|
desc: "URL of the REST API to sync from"
|
|
defaultValue: defaultBeaconNode
|
|
defaultValueDesc: $defaultBeaconNodeDesc
|
|
name: "trusted-node-url"
|
|
.}: string
|
|
|
|
stateId* {.
|
|
desc: "State id to sync to - this can be \"finalized\", a slot number or state hash or \"head\""
|
|
name: "state-id"
|
|
.}: Option[string]
|
|
|
|
blockId* {.
|
|
hidden
|
|
desc: "Block id to sync to - this can be a block root, slot number, \"finalized\" or \"head\" (deprecated)"
|
|
.}: Option[string]
|
|
|
|
lcTrustedBlockRoot* {.
|
|
desc: "Recent trusted finalized block root to initialize light client from"
|
|
name: "trusted-block-root" .}: Option[Eth2Digest]
|
|
|
|
backfillBlocks* {.
|
|
desc: "Backfill blocks directly from REST server instead of fetching via API"
|
|
defaultValue: true
|
|
name: "backfill" .}: bool
|
|
|
|
reindex* {.
|
|
desc: "Recreate historical state index at end of backfill, allowing full history access (requires full backfill)"
|
|
defaultValue: false .}: bool
|
|
|
|
downloadDepositSnapshot* {.
|
|
desc: "Also try to download a snapshot of the deposit contract state"
|
|
defaultValue: false
|
|
name: "with-deposit-snapshot" .}: bool
|
|
|
|
ValidatorClientConf* = object
|
|
configFile* {.
|
|
desc: "Loads the configuration from a TOML file"
|
|
name: "config-file" .}: Option[InputFile]
|
|
|
|
logLevel* {.
|
|
desc: "Sets the log level"
|
|
defaultValue: "INFO"
|
|
name: "log-level" .}: string
|
|
|
|
logStdout* {.
|
|
hidden
|
|
desc: "Specifies what kind of logs should be written to stdout (auto, colors, nocolors, json)"
|
|
defaultValueDesc: "auto"
|
|
defaultValue: StdoutLogKind.Auto
|
|
name: "log-format" .}: StdoutLogKind
|
|
|
|
logFile* {.
|
|
desc: "Specifies a path for the written JSON log file (deprecated)"
|
|
name: "log-file" .}: Option[OutFile]
|
|
|
|
dataDir* {.
|
|
desc: "The directory where nimbus will store all blockchain data"
|
|
defaultValue: config.defaultDataDir()
|
|
defaultValueDesc: ""
|
|
abbr: "d"
|
|
name: "data-dir" .}: OutDir
|
|
|
|
doppelgangerDetection* {.
|
|
# TODO This description is shared between the BN and the VC.
|
|
# Extract it in a constant (confutils fix may be needed).
|
|
desc: "If enabled, the validator client prudently listens for 2 epochs " &
|
|
"for attestations from a validator with the same index " &
|
|
"(a doppelganger), before sending an attestation itself. This " &
|
|
"protects against slashing (due to double-voting) but means you " &
|
|
"will miss two attestations when restarting."
|
|
defaultValue: true
|
|
name: "doppelganger-detection" .}: bool
|
|
|
|
nonInteractive* {.
|
|
desc: "Do not display interactive prompts. Quit on missing configuration"
|
|
name: "non-interactive" .}: bool
|
|
|
|
validatorsDirFlag* {.
|
|
desc: "A directory containing validator keystores"
|
|
name: "validators-dir" .}: Option[InputDir]
|
|
|
|
verifyingWeb3Signers* {.
|
|
desc: "Remote Web3Signer URL that will be used as a source of validators"
|
|
name: "verifying-web3-signer-url" .}: seq[Uri]
|
|
|
|
provenBlockProperties* {.
|
|
desc: "The field path of a block property that will be sent for verification to the verifying Web3Signer (for example \".execution_payload.fee_recipient\")"
|
|
name: "proven-block-property" .}: seq[string]
|
|
|
|
web3signerUpdateInterval* {.
|
|
desc: "Number of seconds between validator list updates"
|
|
name: "web3-signer-update-interval"
|
|
defaultValue: 3600 .}: Natural
|
|
|
|
web3Signers* {.
|
|
desc: "Remote Web3Signer URL that will be used as a source of validators"
|
|
name: "web3-signer-url" .}: seq[Uri]
|
|
|
|
secretsDirFlag* {.
|
|
desc: "A directory containing validator keystore passwords"
|
|
name: "secrets-dir" .}: Option[InputDir]
|
|
|
|
restRequestTimeout* {.
|
|
defaultValue: 0
|
|
defaultValueDesc: "infinite"
|
|
desc: "The number of seconds to wait until complete REST request " &
|
|
"will be received"
|
|
name: "rest-request-timeout" .}: Natural
|
|
|
|
restMaxRequestBodySize* {.
|
|
defaultValue: 16_384
|
|
desc: "Maximum size of REST request body (kilobytes)"
|
|
name: "rest-max-body-size" .}: Natural
|
|
|
|
restMaxRequestHeadersSize* {.
|
|
defaultValue: 64
|
|
desc: "Maximum size of REST request headers (kilobytes)"
|
|
name: "rest-max-headers-size" .}: Natural
|
|
|
|
# Same option as appears in Lighthouse and Prysm
|
|
# https://lighthouse-book.sigmaprime.io/suggested-fee-recipient.html
|
|
# https://github.com/prysmaticlabs/prysm/pull/10312
|
|
suggestedFeeRecipient* {.
|
|
desc: "Suggested fee recipient"
|
|
name: "suggested-fee-recipient" .}: Option[Address]
|
|
|
|
suggestedGasLimit* {.
|
|
desc: "Suggested gas limit"
|
|
defaultValue: defaultGasLimit
|
|
name: "suggested-gas-limit" .}: uint64
|
|
|
|
keymanagerEnabled* {.
|
|
desc: "Enable the REST keymanager API"
|
|
defaultValue: false
|
|
name: "keymanager" .}: bool
|
|
|
|
keymanagerPort* {.
|
|
desc: "Listening port for the REST keymanager API"
|
|
defaultValue: defaultEth2RestPort
|
|
defaultValueDesc: $defaultEth2RestPortDesc
|
|
name: "keymanager-port" .}: Port
|
|
|
|
keymanagerAddress* {.
|
|
desc: "Listening port for the REST keymanager API"
|
|
defaultValue: defaultAdminListenAddress
|
|
defaultValueDesc: $defaultAdminListenAddressDesc
|
|
name: "keymanager-address" .}: IpAddress
|
|
|
|
keymanagerAllowedOrigin* {.
|
|
desc: "Limit the access to the Keymanager API to a particular hostname " &
|
|
"(for CORS-enabled clients such as browsers)"
|
|
name: "keymanager-allow-origin" .}: Option[string]
|
|
|
|
keymanagerTokenFile* {.
|
|
desc: "A file specifying the authorizition token required for accessing the keymanager API"
|
|
name: "keymanager-token-file" .}: Option[InputFile]
|
|
|
|
metricsEnabled* {.
|
|
desc: "Enable the metrics server (BETA)"
|
|
defaultValue: false
|
|
name: "metrics" .}: bool
|
|
|
|
metricsAddress* {.
|
|
desc: "Listening address of the metrics server (BETA)"
|
|
defaultValue: defaultAdminListenAddress
|
|
defaultValueDesc: $defaultAdminListenAddressDesc
|
|
name: "metrics-address" .}: IpAddress
|
|
|
|
metricsPort* {.
|
|
desc: "Listening HTTP port of the metrics server (BETA)"
|
|
defaultValue: 8108
|
|
name: "metrics-port" .}: Port
|
|
|
|
graffiti* {.
|
|
desc: "The graffiti value that will appear in proposed blocks. " &
|
|
"You can use a 0x-prefixed hex encoded string to specify " &
|
|
"raw bytes"
|
|
name: "graffiti" .}: Option[GraffitiBytes]
|
|
|
|
stopAtEpoch* {.
|
|
desc: "A positive epoch selects the epoch at which to stop"
|
|
defaultValue: 0
|
|
name: "debug-stop-at-epoch" .}: uint64
|
|
|
|
payloadBuilderEnable* {.
|
|
desc: "Enable usage of beacon node with external payload builder (BETA)"
|
|
defaultValue: false
|
|
name: "payload-builder" .}: bool
|
|
|
|
distributedEnabled* {.
|
|
desc: "Enable usage of Obol middleware (BETA)"
|
|
defaultValue: false
|
|
name: "distributed".}: bool
|
|
|
|
beaconNodes* {.
|
|
desc: "URL addresses to one or more beacon node HTTP REST APIs",
|
|
defaultValue: @[defaultBeaconNodeUri]
|
|
defaultValueDesc: $defaultBeaconNodeUri
|
|
name: "beacon-node" .}: seq[Uri]
|
|
|
|
monitoringType* {.
|
|
desc: "Enable block monitoring which are seen by beacon node (BETA)"
|
|
defaultValue: BlockMonitoringType.Disabled
|
|
name: "block-monitor-type".}: BlockMonitoringType
|
|
|
|
SigningNodeConf* = object
|
|
configFile* {.
|
|
desc: "Loads the configuration from a TOML file"
|
|
name: "config-file" .}: Option[InputFile]
|
|
|
|
logLevel* {.
|
|
desc: "Sets the log level"
|
|
defaultValue: "INFO"
|
|
name: "log-level" .}: string
|
|
|
|
logStdout* {.
|
|
desc: "Specifies what kind of logs should be written to stdout (auto, colors, nocolors, json)"
|
|
defaultValueDesc: "auto"
|
|
defaultValue: StdoutLogKind.Auto
|
|
name: "log-stdout" .}: StdoutLogKind
|
|
|
|
logFile* {.
|
|
desc: "Specifies a path for the written JSON log file"
|
|
name: "log-file" .}: Option[OutFile]
|
|
|
|
nonInteractive* {.
|
|
desc: "Do not display interactive prompts. Quit on missing configuration"
|
|
name: "non-interactive" .}: bool
|
|
|
|
dataDir* {.
|
|
desc: "The directory where nimbus will store validator's keys"
|
|
defaultValue: config.defaultDataDir()
|
|
defaultValueDesc: ""
|
|
abbr: "d"
|
|
name: "data-dir" .}: OutDir
|
|
|
|
validatorsDirFlag* {.
|
|
desc: "A directory containing validator keystores"
|
|
name: "validators-dir" .}: Option[InputDir]
|
|
|
|
secretsDirFlag* {.
|
|
desc: "A directory containing validator keystore passwords"
|
|
name: "secrets-dir" .}: Option[InputDir]
|
|
|
|
expectedFeeRecipient* {.
|
|
desc: "Signatures for blocks will require proofs of the specified " &
|
|
"fee recipient"
|
|
name: "expected-fee-recipient".}: Option[Address]
|
|
|
|
serverIdent* {.
|
|
desc: "Server identifier which will be used in HTTP Host header"
|
|
name: "server-ident" .}: Option[string]
|
|
|
|
requestTimeout* {.
|
|
desc: "Request timeout, maximum time that node will wait for remote " &
|
|
"client request (in seconds)"
|
|
defaultValue: defaultSigningNodeRequestTimeout
|
|
name: "request-timeout" .}: int
|
|
|
|
bindPort* {.
|
|
desc: "Port for the REST HTTP server"
|
|
defaultValue: defaultEth2RestPort
|
|
defaultValueDesc: $defaultEth2RestPortDesc
|
|
name: "bind-port" .}: Port
|
|
|
|
bindAddress* {.
|
|
desc: "Listening address of the REST HTTP server"
|
|
defaultValue: defaultAdminListenAddress
|
|
defaultValueDesc: $defaultAdminListenAddressDesc
|
|
name: "bind-address" .}: IpAddress
|
|
|
|
tlsEnabled* {.
|
|
desc: "Use secure TLS communication for REST server"
|
|
defaultValue: false
|
|
name: "tls" .}: bool
|
|
|
|
tlsCertificate* {.
|
|
desc: "Path to SSL certificate file"
|
|
name: "tls-cert" .}: Option[InputFile]
|
|
|
|
tlsPrivateKey* {.
|
|
desc: "Path to SSL ceritificate's private key"
|
|
name: "tls-key" .}: Option[InputFile]
|
|
|
|
AnyConf* = BeaconNodeConf | ValidatorClientConf | SigningNodeConf
|
|
|
|
proc defaultDataDir*[Conf](config: Conf): string =
|
|
let dataDir = when defined(windows):
|
|
"AppData" / "Roaming" / "Nimbus"
|
|
elif defined(macosx):
|
|
"Library" / "Application Support" / "Nimbus"
|
|
else:
|
|
".cache" / "nimbus"
|
|
|
|
getHomeDir() / dataDir / "BeaconNode"
|
|
|
|
func dumpDir(config: AnyConf): string =
|
|
config.dataDir / "dump"
|
|
|
|
func dumpDirInvalid*(config: AnyConf): string =
|
|
config.dumpDir / "invalid" # things that failed validation
|
|
|
|
func dumpDirIncoming*(config: AnyConf): string =
|
|
config.dumpDir / "incoming" # things that couldn't be validated (missingparent etc)
|
|
|
|
func dumpDirOutgoing*(config: AnyConf): string =
|
|
config.dumpDir / "outgoing" # things we produced
|
|
|
|
proc createDumpDirs*(config: BeaconNodeConf) =
|
|
proc fail {.noreturn.} =
|
|
raiseAssert "createDumpDirs should be used only in the right context"
|
|
|
|
case config.cmd
|
|
of BNStartUpCmd.noCommand:
|
|
if config.dumpEnabled:
|
|
if (let res = secureCreatePath(config.dumpDirInvalid); res.isErr):
|
|
warn "Could not create dump directory",
|
|
path = config.dumpDirInvalid, err = ioErrorMsg(res.error)
|
|
if (let res = secureCreatePath(config.dumpDirIncoming); res.isErr):
|
|
warn "Could not create dump directory",
|
|
path = config.dumpDirIncoming, err = ioErrorMsg(res.error)
|
|
if (let res = secureCreatePath(config.dumpDirOutgoing); res.isErr):
|
|
warn "Could not create dump directory",
|
|
path = config.dumpDirOutgoing, err = ioErrorMsg(res.error)
|
|
else: fail()
|
|
|
|
func parseCmdArg*(T: type Eth2Digest, input: string): T
|
|
{.raises: [ValueError].} =
|
|
Eth2Digest.fromHex(input)
|
|
|
|
func completeCmdArg*(T: type Eth2Digest, input: string): seq[string] =
|
|
return @[]
|
|
|
|
func parseCmdArg*(T: type GraffitiBytes, input: string): T
|
|
{.raises: [ValueError].} =
|
|
GraffitiBytes.init(input)
|
|
|
|
func completeCmdArg*(T: type GraffitiBytes, input: string): seq[string] =
|
|
return @[]
|
|
|
|
func parseCmdArg*(T: type BlockHashOrNumber, input: string): T
|
|
{.raises: [ValueError].} =
|
|
init(BlockHashOrNumber, input)
|
|
|
|
func completeCmdArg*(T: type BlockHashOrNumber, input: string): seq[string] =
|
|
return @[]
|
|
|
|
func parseCmdArg*(T: type Uri, input: string): T
|
|
{.raises: [ValueError].} =
|
|
parseUri(input)
|
|
|
|
func completeCmdArg*(T: type Uri, input: string): seq[string] =
|
|
return @[]
|
|
|
|
func parseCmdArg*(T: type PubKey0x, input: string): T
|
|
{.raises: [ValueError].} =
|
|
PubKey0x(hexToPaddedByteArray[RawPubKeySize](input))
|
|
|
|
func parseCmdArg*(T: type ValidatorPubKey, input: string): T
|
|
{.raises: [ValueError].} =
|
|
let res = ValidatorPubKey.fromHex(input)
|
|
if res.isErr(): raise (ref ValueError)(msg: $res.error())
|
|
res.get()
|
|
|
|
func completeCmdArg*(T: type PubKey0x, input: string): seq[string] =
|
|
return @[]
|
|
|
|
func parseCmdArg*(T: type Checkpoint, input: string): T
|
|
{.raises: [ValueError].} =
|
|
let sepIdx = find(input, ':')
|
|
if sepIdx == -1 or sepIdx == input.len - 1:
|
|
raise newException(ValueError,
|
|
"The weak subjectivity checkpoint must be provided in the `block_root:epoch_number` format")
|
|
|
|
var root: Eth2Digest
|
|
hexToByteArrayStrict(input.toOpenArray(0, sepIdx - 1), root.data)
|
|
|
|
T(root: root, epoch: parseBiggestUInt(input[sepIdx + 1 .. ^1]).Epoch)
|
|
|
|
func completeCmdArg*(T: type Checkpoint, input: string): seq[string] =
|
|
return @[]
|
|
|
|
func parseCmdArg*(T: type Epoch, input: string): T
|
|
{.raises: [ValueError].} =
|
|
Epoch parseBiggestUInt(input)
|
|
|
|
func completeCmdArg*(T: type Epoch, input: string): seq[string] =
|
|
return @[]
|
|
|
|
func isPrintable(rune: Rune): bool =
|
|
# This can be eventually replaced by the `unicodeplus` package, but a single
|
|
# proc does not justify the extra dependencies at the moment:
|
|
# https://github.com/nitely/nim-unicodeplus
|
|
# https://github.com/nitely/nim-segmentation
|
|
rune == Rune(0x20) or unicodeCategory(rune) notin ctgC+ctgZ
|
|
|
|
func parseCmdArg*(T: type WalletName, input: string): T
|
|
{.raises: [ValueError].} =
|
|
if input.len == 0:
|
|
raise newException(ValueError, "The wallet name should not be empty")
|
|
if input[0] == '_':
|
|
raise newException(ValueError, "The wallet name should not start with an underscore")
|
|
for rune in runes(input):
|
|
if not rune.isPrintable:
|
|
raise newException(ValueError, "The wallet name should consist only of printable characters")
|
|
|
|
# From the Unicode Normalization FAQ (https://unicode.org/faq/normalization.html):
|
|
# NFKC is the preferred form for identifiers, especially where there are security concerns
|
|
# (see UTR #36 http://www.unicode.org/reports/tr36/)
|
|
return T(toNFKC(input))
|
|
|
|
func completeCmdArg*(T: type WalletName, input: string): seq[string] =
|
|
return @[]
|
|
|
|
proc parseCmdArg*(T: type enr.Record, p: string): T {.raises: [ValueError].} =
|
|
if not fromURI(result, p):
|
|
raise newException(ValueError, "Invalid ENR")
|
|
|
|
func completeCmdArg*(T: type enr.Record, val: string): seq[string] =
|
|
return @[]
|
|
|
|
func validatorsDir*[Conf](config: Conf): string =
|
|
string config.validatorsDirFlag.get(InputDir(config.dataDir / "validators"))
|
|
|
|
func secretsDir*[Conf](config: Conf): string =
|
|
string config.secretsDirFlag.get(InputDir(config.dataDir / "secrets"))
|
|
|
|
func walletsDir*(config: BeaconNodeConf): string =
|
|
string config.walletsDirFlag.get(InputDir(config.dataDir / "wallets"))
|
|
|
|
func eraDir*(config: BeaconNodeConf): string =
|
|
# The era directory should be shared between networks of the same type..
|
|
string config.eraDirFlag.get(InputDir(config.dataDir / "era"))
|
|
|
|
{.push warning[ProveField]:off.} # https://github.com/nim-lang/Nim/issues/22791
|
|
func outWalletName*(config: BeaconNodeConf): Option[WalletName] =
|
|
proc fail {.noreturn.} =
|
|
raiseAssert "outWalletName should be used only in the right context"
|
|
|
|
case config.cmd
|
|
of wallets:
|
|
case config.walletsCmd
|
|
of WalletsCmd.create: config.createdWalletNameFlag
|
|
of WalletsCmd.restore: config.restoredWalletNameFlag
|
|
of WalletsCmd.list: fail()
|
|
of deposits:
|
|
case config.depositsCmd
|
|
of DepositsCmd.createTestnetDeposits: config.newWalletNameFlag
|
|
else: fail()
|
|
else:
|
|
fail()
|
|
{.pop.}
|
|
|
|
{.push warning[ProveField]:off.} # https://github.com/nim-lang/Nim/issues/22791
|
|
func outWalletFile*(config: BeaconNodeConf): Option[OutFile] =
|
|
proc fail {.noreturn.} =
|
|
raiseAssert "outWalletFile should be used only in the right context"
|
|
|
|
case config.cmd
|
|
of wallets:
|
|
case config.walletsCmd
|
|
of WalletsCmd.create: config.createdWalletFileFlag
|
|
of WalletsCmd.restore: config.restoredWalletFileFlag
|
|
of WalletsCmd.list: fail()
|
|
of deposits:
|
|
case config.depositsCmd
|
|
of DepositsCmd.createTestnetDeposits: config.newWalletFileFlag
|
|
else: fail()
|
|
else:
|
|
fail()
|
|
{.pop.}
|
|
|
|
func databaseDir*(dataDir: OutDir): string =
|
|
dataDir / "db"
|
|
|
|
template databaseDir*(config: AnyConf): string =
|
|
config.dataDir.databaseDir
|
|
|
|
func runAsService*(config: BeaconNodeConf): bool =
|
|
case config.cmd
|
|
of noCommand:
|
|
config.runAsServiceFlag
|
|
else:
|
|
false
|
|
|
|
func web3SignerUrls*(conf: AnyConf): seq[Web3SignerUrl] =
|
|
for url in conf.web3Signers:
|
|
result.add Web3SignerUrl(url: url)
|
|
|
|
for url in conf.verifyingWeb3Signers:
|
|
result.add Web3SignerUrl(url: url,
|
|
provenBlockProperties: conf.provenBlockProperties)
|
|
|
|
template writeValue*(writer: var JsonWriter,
|
|
value: TypedInputFile|InputFile|InputDir|OutPath|OutDir|OutFile) =
|
|
writer.writeValue(string value)
|
|
|
|
template raiseUnexpectedValue(r: var TomlReader, msg: string) =
|
|
# TODO: We need to implement `raiseUnexpectedValue` for TOML,
|
|
# so the correct line and column information can be included
|
|
# in error messages:
|
|
raise newException(SerializationError, msg)
|
|
|
|
proc readValue*(r: var TomlReader, value: var Epoch)
|
|
{.raises: [SerializationError, IOError].} =
|
|
value = Epoch r.parseInt(uint64)
|
|
|
|
proc readValue*(r: var TomlReader, value: var GraffitiBytes)
|
|
{.raises: [SerializationError, IOError].} =
|
|
try:
|
|
value = GraffitiBytes.init(r.readValue(string))
|
|
except ValueError:
|
|
r.raiseUnexpectedValue("A printable string or 0x-prefixed hex-encoded raw bytes expected")
|
|
|
|
proc readValue*(r: var TomlReader, val: var NatConfig)
|
|
{.raises: [SerializationError].} =
|
|
val = try: parseCmdArg(NatConfig, r.readValue(string))
|
|
except CatchableError as err:
|
|
raise newException(SerializationError, err.msg)
|
|
|
|
proc readValue*(r: var TomlReader, a: var Eth2Digest)
|
|
{.raises: [IOError, SerializationError].} =
|
|
try:
|
|
a = fromHex(type(a), r.readValue(string))
|
|
except ValueError:
|
|
r.raiseUnexpectedValue("Hex string expected")
|
|
|
|
proc readValue*(reader: var TomlReader, value: var ValidatorPubKey)
|
|
{.raises: [SerializationError].} =
|
|
let keyAsString = try:
|
|
reader.readValue(string)
|
|
except CatchableError:
|
|
raiseUnexpectedValue(reader, "A hex-encoded string expected")
|
|
|
|
let key = ValidatorPubKey.fromHex(keyAsString)
|
|
if key.isOk:
|
|
value = key.get
|
|
else:
|
|
# TODO: Can we provide better diagnostic?
|
|
raiseUnexpectedValue(reader, "Valid hex-encoded public key expected")
|
|
|
|
proc readValue*(r: var TomlReader, a: var PubKey0x)
|
|
{.raises: [SerializationError].} =
|
|
try:
|
|
a = parseCmdArg(PubKey0x, r.readValue(string))
|
|
except CatchableError:
|
|
r.raiseUnexpectedValue("a 0x-prefixed hex-encoded string expected")
|
|
|
|
proc readValue*(r: var TomlReader, a: var WalletName)
|
|
{.raises: [SerializationError].} =
|
|
try:
|
|
a = parseCmdArg(WalletName, r.readValue(string))
|
|
except CatchableError:
|
|
r.raiseUnexpectedValue("string expected")
|
|
|
|
proc readValue*(r: var TomlReader, a: var Address)
|
|
{.raises: [SerializationError].} =
|
|
try:
|
|
a = parseCmdArg(Address, r.readValue(string))
|
|
except CatchableError:
|
|
r.raiseUnexpectedValue("string expected")
|
|
|
|
proc loadEth2Network*(eth2Network: Option[string]): Eth2NetworkMetadata =
|
|
const defaultName =
|
|
when const_preset == "gnosis":
|
|
"gnosis"
|
|
elif const_preset == "mainnet":
|
|
"mainnet"
|
|
else:
|
|
"(unspecified)"
|
|
network_name.set(2, labelValues = [eth2Network.get(otherwise = defaultName)])
|
|
|
|
if eth2Network.isSome:
|
|
getMetadataForNetwork(eth2Network.get)
|
|
else:
|
|
when const_preset == "gnosis":
|
|
getMetadataForNetwork("gnosis")
|
|
elif const_preset == "mainnet":
|
|
getMetadataForNetwork("mainnet")
|
|
else:
|
|
# Presumably other configurations can have other defaults, but for now
|
|
# this simplifies the flow
|
|
fatal "Must specify network on non-mainnet node"
|
|
quit 1
|
|
|
|
template loadEth2Network*(config: BeaconNodeConf): Eth2NetworkMetadata =
|
|
loadEth2Network(config.eth2Network)
|
|
|
|
func defaultFeeRecipient*(conf: AnyConf): Opt[Eth1Address] =
|
|
if conf.suggestedFeeRecipient.isSome:
|
|
Opt.some conf.suggestedFeeRecipient.get
|
|
else:
|
|
# https://github.com/nim-lang/Nim/issues/19802
|
|
(static(Opt.none Eth1Address))
|
|
|
|
proc loadJwtSecret(
|
|
rng: var HmacDrbgContext,
|
|
dataDir: string,
|
|
jwtSecret: Opt[InputFile],
|
|
allowCreate: bool): Opt[seq[byte]] =
|
|
# Some Web3 endpoints aren't compatible with JWT, but if explicitly chosen,
|
|
# use it regardless.
|
|
if jwtSecret.isSome or allowCreate:
|
|
let secret = rng.checkJwtSecret(dataDir, jwtSecret)
|
|
if secret.isErr:
|
|
fatal "Specified a JWT secret file which couldn't be loaded",
|
|
err = secret.error
|
|
quit 1
|
|
|
|
Opt.some secret.get
|
|
else:
|
|
Opt.none seq[byte]
|
|
|
|
func configJwtSecretOpt*(jwtSecret: Option[InputFile]): Opt[InputFile] =
|
|
if jwtSecret.isSome:
|
|
Opt.some jwtSecret.get
|
|
else:
|
|
Opt.none InputFile
|
|
|
|
proc loadJwtSecret*(
|
|
rng: var HmacDrbgContext,
|
|
config: BeaconNodeConf,
|
|
allowCreate: bool): Opt[seq[byte]] =
|
|
rng.loadJwtSecret(
|
|
string(config.dataDir), config.jwtSecret.configJwtSecretOpt, allowCreate)
|
|
|
|
proc engineApiUrls*(config: BeaconNodeConf): seq[EngineApiUrl] =
|
|
let elUrls = if config.noEl:
|
|
return newSeq[EngineApiUrl]()
|
|
elif config.elUrls.len == 0 and config.web3Urls.len == 0:
|
|
@[getDefaultEngineApiUrl(config.jwtSecret)]
|
|
else:
|
|
config.elUrls
|
|
|
|
(elUrls & config.web3Urls).toFinalEngineApiUrls(
|
|
config.jwtSecret.configJwtSecretOpt)
|
|
|
|
proc loadKzgTrustedSetup*(): Result[void, string] =
|
|
const
|
|
vendorDir = currentSourcePath.parentDir.replace('\\', '/') & "/../vendor"
|
|
trustedSetup = staticRead(
|
|
vendorDir & "/nim-kzg4844/kzg4844/csources/src/trusted_setup.txt")
|
|
|
|
static: doAssert const_preset in ["mainnet", "gnosis", "minimal"]
|
|
Kzg.loadTrustedSetupFromString(trustedSetup)
|
|
|
|
proc loadKzgTrustedSetup*(trustedSetupPath: string): Result[void, string] =
|
|
try:
|
|
Kzg.loadTrustedSetupFromString(readFile(trustedSetupPath))
|
|
except IOError as err:
|
|
err(err.msg)
|