Namada logo

Links

Website - http://namada.net/

Twitter - http://twitter.com/namada

Discord - http://discord.com/invite/namada

Telegram - http://t.me/namadaprotocol

Offitial Doc - http://docs.namada.net/

GitHub - http://github.com/anoma/namada

Faucet - https://faucet.heliax.click

Validator Requirements

Minimum Hardware Requirements to run Validator // 8GB RAM / 1TB SSD / 4 Cores //

Recommended Hardware Requirements to run Validator // 16GB RAM / 1TB SSD / 8 Cores //

OS : Linux OS Ubuntu 22.04.3 LTS

Services

Explorer - http://namada.explorers.guru/validators

RPC+indexer Shielded Expedition - https://namadarpcse.cryptosj.net

** TO USE RPC WITH --node PLEASE USE tcp://namadarpcse.cryptosj.net:19902 **

RPC+indexer Shielded Expedition - tcp://namadarpcse.cryptosj.net:19902

Namada Finder (EXPLORER) - https://namadafinder.cryptosj.net

Config

Genesis - https://files.cryptosj.net/files/namadatestnet/genesis.json

Addrbook - https://files.cryptosj.net/files/namadatestnet/addrbook.json

Seed node: tcp://[email protected]:12904

Live peers ** count **

Snapshot Shielded Expedition - https://files.cryptosj.net/files/namadatestnet/namadatestnet.tar.gz

Snapshot ** block height is ** ** size is ** ** app version **

Snapshot ** CREATION DATE **

Installation ** chain ID is shielded-expedition.88f17d1d14 **

mkdir files

cd files

wget https://github.com/anoma/namada/releases/download/v0.31.0/namada-v0.31.2-Linux-x86_64.tar.gz

wget https://github.com/cometbft/cometbft/releases/download/v0.37.2/cometbft_0.37.2_linux_amd64.tar.gz

tar -xvf namada-v0.31.2-Linux-x86_64.tar.gz

tar -xvf cometbft_0.37.2_linux_amd64.tar.gz

sudo cp cometbft /usr/local/bin/

sudo cp cometbft /usr/bin/

sudo cp namada-v0.31.2-Linux-x86_64/namada* /usr/local/bin/

sudo cp namada-v0.31.2-Linux-x86_64/namada* /usr/bin/

sudo cp namada-v0.31.2-Linux-x86_64/namada* /usr/local/sbin/

Service Files

sudo nano /etc/systemd/system/namada.service

** copy and paste the blow be sure to change the YOUR_LINUX_USER **

[Unit] Description=Namada Service After=network-online.target [Service] User=YOUR_LINUX_USER WorkingDirectory=/YOUR_LINUX_USER/.local/share/namada Environment=NAMADA_LOG=debug Environment=NAMADA_TM_STDOUT=true Environment=NAMADA_CMT_STDOUT=true Environment=CMT_LOG_LEVEL=p2p:none,pex:error ExecStart=/usr/local/bin/namada --base-dir=/YOUR_LINUX_USER/.local/share/namada ledger run StandardOutput=syslog StandardError=syslog CPUWeight=30 IOWeight=30 Restart=always RestartSec=10 LimitNOFILE=102400 [Install] WantedBy=multi-user.target


Start and Init the network

sudo systemctl enable namada.service

** Be sure to change ALIAS to your chosen one **

export CHAIN_ID="shielded-expedition.88f17d1d14"

export ALIAS="YourChosenValidtorAlias"

** IF YOU WILL RUN PRE-GENESIS Validators **

namada client utils join-network --chain-id $CHAIN_ID --genesis-validator $ALIAS

** IF YOU WILL RUN POST-GENESIS VALIDATOR **

namada client utils join-network --chain-id $CHAIN_ID

sudo systemctl start namada.service

sudo journalctl -u namada.service -f --output cat

** check your node status by issueing the command below be sure to install jq using apt **

curl -s localhost:26657/status | jq

Snapshot ** block height is ** ** size is ** ** app version ** Snapshot ** CREATION DATE **

** If you want to use our snapshot ** ** chain ID is shielded-expedition.88f17d1d14 **

sudo systemctl stop namada.service

cd $HOME/.local/share/namada

wget https://files.cryptosj.net/files/namadatestnet/namadatestnet.tar.gz

cp $HOME/.local/share/namada/shielded-expedition.88f17d1d14/cometbft/data/priv_validator_state.json /$HOME

rm -rf shielded-expedition.88f17d1d14/db/

rm -rf shielded-expedition.88f17d1d14/cometbft/data/

tar -xvf namadatestnet.tar.gz

cp $HOME/priv_validator_state.json $HOME/.local/share/namada/shielded-expedition.88f17d1d14/cometbft/data/

sudo systemctl start namada.service

sudo journalctl -u namada.service -f --output cat

** you can check node status **

curl http://127.0.0.1:26657/status | jq

Cli Commands

namadac = namada client

namadaw = namada wallet



** For Complete user guide please check **

     Namada User Guide - https://docs.namada.net/users



** Check Status of the node **

curl http://127.0.0.1:26657/status | jq



** List your namada wallet address **

namada wallet key list



** Generate a keypair named alice **

namada wallet key gen --alias alice



** restore your keypair named alice **

namada wallet key restore --alias alice --hd-path default



** Generate an implicit address **

namada wallet address gen --alias YOUR_Desired_implicit_address_name



** Initialize an established account **

namada client init-account --alias establishment --public-keys alice --signing-keys alice --threshold 1



** Send a Payment **

namada client transfer --source establishment --target validator-1 --token NAM --amount 10 --signing-keys alice



** check your balance **

namada client balance --token NAM --owner my-new-acc



** Using MASP **

  ** Shielding transfers **

    ** Generate your Spending Key **

namadaw masp gen-key --alias "your-spending-key-alias"



** Create a new payment address **

namadaw masp gen-addr --key "your-spending-key-alias" --alias "your-payment-address-alias"

** Send your shielding transfer **

namadac transfer --source "your-established-account-alias" --target "your-payment-address-alias" --token btc --amount "amount-to-shield"

** View one's balance **

namadac balance --owner "your-spending-key-alias"

** Shielded transfers **

namadac transfer --source "your-spending-key-alias" --target "destination-payment-address" --token btc --amount "amount-to-transfer" --signing-keys "your-implicit-account-alias"

** Unshielding transfers **

namadac transfer --source "your-spending-key-alias" --target "some-transparent-address-alias" --token btc --amount "amount-to-unshield" --signing-keys "your-implicit-account-alias"

** Shielded Address/Key Generation **   ** Payment Address Generation **

stake to validator namada client bond --source aliace --validator validator-1 --amount 12.34

** check your staked **

namada client bonds --owner aliace

** Self-bonding **

namada client bond --validator my-validator --amount 3.3

** Query a validator's bonded-stake **

namada client bonded-stake

** Find all the slashes **

namada client slashes

** Non-self unbonding **

namada client unbond --source aliace --validator validator-1 --amount 1.2

** Self-unbonding **

namada client unbond --validator my-validator --amount 0.3

** Withdrawing Unbonded Tokens **

namada client bonds --owner aliace

** Withdrawing Unbonded Tokens **

namada client bonds --owner aliace

namada client withdraw --source aliace --validator validator-1

** transfer Funds **

namada client transfer --source "SENDER_ADDRESS" --target "RECEIVER_ADDRESS" --token NAM --amount 20 --signing-keys $KEY_ALIAS

Monitoring Your Node

** To monitor your node you have to keep an eye on your node as well as your server **

** and to do this we will use grafana,prometheus and node_exporter **

Grafana - https://grafana.com/

Prometheus - https://prometheus.io/

Node_exporter - https://github.com/prometheus/node_exporter

OS : Linux OS Ubuntu 22.04.3 LTS



Grafana ** Installing grafana **

sudo apt-get install -y apt-transport-https software-properties-common wget



sudo mkdir -p /etc/apt/keyrings/



wget -q -O - https://apt.grafana.com/gpg.key | gpg --dearmor | sudo tee /etc/apt/keyrings/grafana.gpg > /dev/null



echo "deb [signed-by=/etc/apt/keyrings/grafana.gpg] https://apt.grafana.com stable main" | sudo tee -a /etc/apt/sources.list.d/grafana.list



sudo apt-get update



sudo apt-get install grafana



sudo systemctl daemon-reload



sudo systemctl start grafana-server



sudo systemctl status grafana-server



** Your Grafana should be working now **

** Log to your grafana dashboard on port 3000**

http://SERVER_IP:3000/



** We have to import Namada dashboard **

** go to grafana dashboard **

https://grafana.com/grafana/dashboards/

** search for namada , or chose ID 19014 then import it to your grafana dashboard **

** here is the link for namada dashboard to import **

https://grafana.com/grafana/dashboards/19014-namada-blockchains/



Prometheus ** Installing Prometheus **

** Please follow the complete guide from offical site **

https://prometheus.io/docs/prometheus/latest/installation/



Node_exporter ** Installing Node_exporter **

** Please follow the complete guide from Prometheus site **

https://prometheus.io/docs/guides/node-exporter/



** search for node_exporter , or chose ID 11074 then import it to your grafana dashboard **

** here is the link for Node_exporter dashboard to import **

https://grafana.com/grafana/dashboards/11074-node-exporter-for-prometheus-dashboard-en-v20201010/

Horcrux with Namada Blockchain for High Availability and Security

https://hackmd.io/@mLfyGjG0Qga6LNmJro90zQ/SJSXMg6Sa



Design:

3 horcrux servers as remote Signers cluster
3 Namada Nodes. ( Best to host with different Hosting Providers Ex: AWS , Google , Contabo )



Software Requirements:

OS : Ubuntu 22.04.3 App : horcrux v3.2.2
App : horcrux v3.2.3



Hardware Requirements for Signers:

3x VPS w/ 2 CPU, 2 GB RAM, 20 GB SSD



FW open ports :

19901 for Nodes and 2222 for Signers - you can chose any port you want

DNS records :

3 cname ( node1 , node2,node3 ) for nodes

3 cname ( signer1,signer2,signer3 ) for signers

This guide will assume you already using single Namada node and it is working as validator and need to use horcrux as remote signing cluster with 3 Namada nodes to provide High Availability and Security by eliminating the single point of Failure and to remove the validator signing key from the node for more security .



run These steps on your all signers servers:

Create directory to organize your horcrux files

mkdir horcruxNamada

cd horcruxNamada



Download horcrux binary v3.2.3 to all your signers

wget https://github.com/strangelove-ventures/horcrux/releases/download/v3.2.3/horcrux_linux-amd64



rename horcrux_linux-amd64 to horcrux and copy it to /usr/bin/ and /usr/local/sbin/:

mv horcrux_linux-amd64 horcrux



sudo cp horcrux /usr/bin/



sudo cp horcrux /usr/local/sbin/horcrux



Create a horcrux service:

sudo nano /etc/systemd/system/hornamada.service



paste below content inside:

sudo nano /etc/systemd/system/hornamada.service



[Unit]
Description= horcrux Signer For Namada
After=network.target

[Service]
Type=simple
User=YOUR_LINUX_USER
WorkingDirectory=PATH_To_horcruxNamada
ExecStart=/usr/bin/horcrux start --home PATH_To_horcruxNamada
Restart=on-failure
RestartSec=3
LimitNOFILE=4096

[Install]
WantedBy=multi-user.target


Enable the service using:

sudo systemctl enable hornamada.service





These steps are only for your first Signer ( Signer 1 ):

copy your Namada priv_validator_key.json from namada directory cometbft/config to horcruxNamada folder located in your first horcrux signing server ( Signer 1 )

we will use FQDN instead of IP for easy preferred way

we will use port 19901 for Nodes and port 2222 for signers

please be sure these ports are open in your FW accordingly also

Please be sure about your dns cnames for nodes and signers

horcrux config init --node "tcp://node1.YOURDOMAIN:19901" --node "tcp://node2.YOURDOMAIN:19901" --node "tcp://node3.YOURDOMAIN:19901" --cosigner "tcp://signer1.YOURDOMAIN.net:2222" --cosigner "tcp://signer2.YOURDOMAIN:2222" --cosigner "tcp://signer3.YOURDOMAIN:2222" --threshold 2 --grpc-timeout 1500ms --raft-timeout 1500ms --home PATH_To_horcruxNamada



horcrux create-ecies-shards --shards 3 --home PATH_To_horcruxNamada



horcrux create-ed25519-shards --chain-id NAMADA_CHAIN_ID --key-file PATH_To_horcruxNamada/priv_validator_key.json --threshold 2 --shards 3 --home PATH_To_horcruxNamada



the above steps will generate cosigner communication encryption keys

and you should find new files and new folders inside your horcruxNamada that similar to below

priv_validator_key.json
config.yaml
cosigner_1/ecies_keys.json
cosigner_2/ecies_keys.json
cosigner_3/ecies_keys.json
state


Now move your priv_validator_key.json to secure location as we don’t need it anymore

create a new file inside state folder named NAMADA-CHAIN-ID_priv_validator_state.json

This file will hold the signing state for the cluster

please change the NAMADA-CHAIN-ID with the Namada Chain ID

paste the blew content to it
{
"height": "0",
"round": "0",
" step": 3
}


copy horcruxNamada folder to your both other signers using scp

After copying your horcruxNamada folder to the second signer

you will need to delete both folders named ( cosigner_1 , cosigner_3 )

and their content from signer 2 horcruxNamada folder

This will lead to having Only one Folder named cosigner_2 inside horcruxNamada folder

Copy cosigner_2 content ( ecies_keys.json ) to horcruxNamada Folder

So in the end in singer 2 horcruxNamada folder should be link this

config.yaml
ecies_keys.json
cosigner_2
state\NAMADA-CHAIN-ID_priv_validator_state.json
state


repeat same steps with signer 3 . horcruxNamada folder in signer 3 server should be link this

config.yaml
ecies_keys.json
cosigner_3
state\NAMADA-CHAIN-ID_priv_validator_state.json
state


These steps will be applied for First Namada Node

configure namada to start using the horcrux cluster for signing blocks

by editing config.toml located in Namada config folder

Search for

priv_validator_laddr = ""


then change it to

priv_validator_laddr = "0.0.0.0:19901"


now remove the priv_validator_key.json from the node

and store it in secure location as we don’t need it anymore

stop NAMADA node and ONLY after it stopped open the file priv_validator_state.json

inside the cometbft/data and check the “height” number

go to each signer and edit the NAMADA-CHAIN-ID_priv_validator_state.json

inside the horcruxNamada/state with the “height” number you just got

from your Namada Validator state should be like this

{
"height": "YOUR_NAMADA_height",
"round": "0",
" step": 3
}


Start your first horcrux signer process inside signer one and check the logs

sudo systemctl restart hornamada.service && sudo journalctl -u hornamada.service -f --output cat



start signer 2 and signer 3 horcrux signer process and watch the logs

Now start your Namada process on your First Node and check the logs

If everything is working your node should start signing blocks

please install 2 Namada Nodes in different servers and edit their config file as we did with node 1



WARNING :

FOR ALL RUNNING NODES IN THE CLUSTER BE SURE YOU ARE USING priv_validator_laddr = "0.0.0.0:19901" AND REMOVE THE ORIGNAL priv_validator_key.json FROM ALL NODES PLEASE NOTE THAT USING REMOTE SIGNING COULD LEAD TO DOUBLE SIGNING AND SLASHING IF YOUR NODE SIGNED SAME BLOCK TWICE, SO BE SURE THAT NEVER USE LOCAL AND REMOTE SIGNING SAME TIME .



TROUBLESHOUTING :

check FW ports

check dns for signers and node cnames

check files and folder paths for horcrux

check same horcrux version on all signers

PING RTT time between nodes and signers ( more delay more issues )

IBC

** Soon **
Archive Node Snapshot

** With Mainnet **