Giter Club home page Giter Club logo

rescue-proxy's Introduction

Rescue Node Proxy golangci-lint GoReportCard

Rescue-Proxy

Rocket Pool Rescue Node's Rescue-Proxy is a custom reverse proxy meant to sit between a shared beacon node and its downstream users. It behaves like a normal reverse proxy with the following added features and protections:

  1. HMAC authentication via HTTP Basic Auth / GRPC headers
  2. Fee Recipient validation for Rocket Pool validator clients
  3. Credential expiration
  4. Robust caching for frequently accessed immutable chain data
  5. GRPC support for Prysm; HTTP support for Nimbus, Lighthouse, and Teku

Usage

Usage of ./rescue-proxy:
  -addr string
        Address on which to reply to HTTP requests (default "0.0.0.0:80")
  -admin-addr string
        Address on which to reply to admin/metrics requests (default "0.0.0.0:8000")
  -api-addr string
        Address on which to reply to gRPC API requests (default "0.0.0.0:8080")
  -auth-valid-for string
        The duration after which a credential should be considered invalid, eg, 360h for 15 days (default "360h")
  -bn-url string
        URL to the beacon node to proxy, eg, http://localhost:5052
  -cache-path string
        A path to cache EL data in. Leave blank to disable caching.
  -debug
        Whether to enable verbose logging
  -ec-url string
        URL to the execution client to use, eg, http://localhost:8545
  -grpc-addr string
        Address on which to reply to gRPC requests
  -grpc-beacon-addr string
        Address to the beacon node to proxy for gRPC, eg, localhost:4000
  -hmac-secret string
        The secret to use for HMAC (default "test-secret")
  -rocketstorage-addr string
        Address of the Rocket Storage contract. Defaults to mainnet (default "0x1d8f8f00cfa6758d7bE78336684788Fb0ee0Fa46")
  • The -grpc flags should only be used with a Prysm beacon node.
    • The user must pass --grpc-headers=rprnauth=USERNAME:PASSWORD in this case.
  • The user should use Basic Auth for access (e.g. Beacon Node URL http://USERNAME:[email protected]:80)
  • -hmac-secret must match the one used with the Credentials library that generated the username, password

Contributing

Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.

Please make sure to update tests as appropriate.

License

AGPL
Copyright (C) 2022 Jacob Shufro and João Poupino

rescue-proxy's People

Contributors

jshufro avatar poupas avatar lissstern avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.