d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
proxmox/docs/archive/completion/ALI_INFRASTRUCTURE_COMPLETE.md
defiQUG fbda1b4beb
Some checks failed
Deploy to Phoenix / deploy (push) Has been cancelled
Details
docs: Ledger Live integration, contract deploy learnings, NEXT_STEPS updates 
- ADD_CHAIN138_TO_LEDGER_LIVE: Ledger form done; public code review repo bis-innovations/LedgerLive; init/push commands
- CONTRACT_DEPLOYMENT_RUNBOOK: Chain 138 gas price 1 gwei, 36-addr check, TransactionMirror workaround
- CONTRACT_*: AddressMapper, MirrorManager deployed 2026-02-12; 36-address on-chain check
- NEXT_STEPS_FOR_YOU: Ledger done; steps completable now (no LAN); run-completable-tasks-from-anywhere
- MASTER_INDEX, OPERATOR_OPTIONAL, SMART_CONTRACTS_INVENTORY_SIMPLE: updates
- LEDGER_BLOCKCHAIN_INTEGRATION_COMPLETE: bis-innovations/LedgerLive reference

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-12 15:46:57 -08:00

30 KiB
Raw Permalink Blame History

Ali's Infrastructure - Complete Reference (ChainID 138)

Last Updated: December 26, 2024
Status: Active
Network: ChainID 138 (DeFi Oracle Meta Mainnet)
RPC Endpoint: http://192.168.11.250:8545 or https://rpc-core.d-bis.org

Table of Contents

  1. Executive Summary
  2. Wallet Address
  3. Contract Addresses
  4. Container Inventory
  5. Infrastructure Architecture
  6. Network Configuration
  7. Access Control and Authentication
  8. Container Specifications
  9. Contract Integration
  10. Configuration Files
  11. Deployment Status
  12. Quick Reference

Executive Summary

Ali maintains full root access to 4 containers on ChainID 138 infrastructure:

VMID Hostname Role IP Address Node Status
1504 besu-sentry-ali Besu Sentry Node 192.168.11.154 pve Active
2503 besu-rpc-ali-0x8a Besu RPC Node (0x8a identity) 192.168.11.253 pve Active
2504 besu-rpc-ali-0x1 Besu RPC Node (0x1 identity) 192.168.11.254 pve Active
6201 firefly-ali-1 Hyperledger Firefly Node 192.168.11.67 pve Active

Access Level: Full root access to all containers and Proxmox host

Key Features:

  • JWT authentication enabled on all RPC containers
  • Discovery disabled on RPC nodes (MetaMask compatibility)
  • Full infrastructure control
  • Integration with all deployed contracts

Wallet Address

Primary Address

Address: 0xa55A4B57A91561e9df5a883D4883Bd4b1a7C4882

Label: ALI's LEDGER (Genesis Faucet 1)

Genesis Allocation

Property Value
Allocation 1,000,000,000 ETH
Allocation (Hex) 0x33b2e3c9fd0803ce8000000
Network ChainID 138
Type Genesis faucet/pre-funded address
Status Active

Configuration References

This address is configured as:

  • GENESIS_FAUCET_1_ADDRESS in environment configuration files
  • GENESIS_DEPLOYER_2 in deployment scripts
  • Referenced in explorer-monorepo/docs/organized.env

Usage

  • Primary wallet for ChainID 138 operations
  • Genesis pre-funded account
  • Used for deployment and operations
  • Configured as one of the genesis faucet addresses

Contract Addresses

All contracts deployed on ChainID 138, organized by category.

Pre-Deployed Contracts (Genesis)

These contracts were pre-deployed when ChainID 138 was initialized:

Contract Address Status Purpose
WETH9 0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2 Pre-deployed Wrapped Ether v9
WETH10 0xf4BB2e28688e89fCcE3c0580D37d36A7672E8A9f Pre-deployed Wrapped Ether v10
Multicall 0x99b3511a2d315a497c8112c1fdd8d508d4b1e506 Pre-deployed Batch contract calls

Explorer Links:

Oracle Contracts

Price feed and oracle infrastructure:

Contract Address Status Purpose
Oracle Proxy 0x3304b747e565a97ec8ac220b0b6a1f6ffdb837e6 Deployed MetaMask Price Feed
Oracle Aggregator 0x99b3511a2d315a497c8112c1fdd8d508d4b1e506 Deployed Price feed aggregator
Price Feed Keeper 0xD3AD6831aacB5386B8A25BB8D8176a6C8a026f04 Deployed Automated price updates

Explorer Links:

Note: The Oracle Proxy address (0x3304b747e565a97ec8ac220b0b6a1f6ffdb837e6) is the primary address used by MetaMask for price feeds.

CCIP Contracts

Cross-Chain Interoperability Protocol contracts:

Contract Address Status Purpose
CCIP Router 0x8078A09637e47Fa5Ed34F626046Ea2094a5CDE5e Deployed Cross-chain message router
CCIP Sender 0x105F8A15b819948a89153505762444Ee9f324684 Deployed Cross-chain message sender

Explorer Links:

Bridge Contracts

Cross-chain bridge contracts for WETH tokens:

Contract Address Status Purpose
CCIPWETH9Bridge 0x89dd12025bfCD38A168455A44B400e913ED33BE2 Deployed Bridge for WETH9
CCIPWETH10Bridge 0xe0E93247376aa097dB308B92e6Ba36bA015535D0 Deployed Bridge for WETH10

Explorer Links:

eMoney System Contracts

Core eMoney infrastructure contracts:

Contract Address Code Size Status Purpose
TokenFactory138 0xEBFb5C60dE5f7C4baae180CA328D3BB39E1a5133 3,847 bytes Deployed Token creation factory
BridgeVault138 0x31884f84555210FFB36a19D2471b8eBc7372d0A8 3,248 bytes Deployed Bridge vault management
ComplianceRegistry 0xbc54fe2b6fda157c59d59826bcfdbcc654ec9ea1 3,580 bytes Deployed Compliance tracking
DebtRegistry 0x95BC4A997c0670d5DAC64d55cDf3769B53B63C28 2,672 bytes Deployed Debt tracking
PolicyManager 0x0C4FD27018130A00762a802f91a72D6a64a60F14 3,804 bytes Deployed Policy management
eMoneyToken Implementation 0x0059e237973179146237aB49f1322E8197c22b21 10,088 bytes Deployed eMoney token implementation

Explorer Links:

Compliance & Token Contracts

Compliance and token management contracts:

Contract Address Code Size Status Purpose
CompliantUSDT 0x93E66202A11B1772E55407B32B44e5Cd8eda7f22 6,806 bytes Deployed Compliant USDT token
CompliantUSDC 0xf22258f57794CC8E06237084b353Ab30fFfa640b 6,806 bytes Deployed Compliant USDC token
TokenRegistry 0x91Efe92229dbf7C5B38D422621300956B55870Fa 5,359 bytes Deployed Token registry
FeeCollector 0xF78246eB94c6CB14018E507E60661314E5f4C53f 5,084 bytes Deployed Fee collection

Explorer Links:

Contract Address Quick Reference

All Contracts Summary:

Category Count Key Addresses
Genesis 3 WETH9, WETH10, Multicall
Oracle 3 Oracle Proxy (MetaMask), Aggregator, Keeper
CCIP 2 Router, Sender
Bridge 2 WETH9Bridge, WETH10Bridge
eMoney 6 TokenFactory, BridgeVault, Compliance, Debt, Policy, Token Implementation
Compliance 4 CompliantUSDT, CompliantUSDC, TokenRegistry, FeeCollector
Total 20 All contracts

Container Inventory

Complete list of Ali's containers on ChainID 138 infrastructure:

VMID Hostname (Current) Hostname (Old) Role IP Address Node Memory CPU Disk
1504 besu-sentry-ali besu-sentry-5 Besu Sentry Node 192.168.11.154 pve 4GB 2 cores 100GB
2503 besu-rpc-ali-0x8a besu-rpc-4 Besu RPC Node (0x8a) 192.168.11.253 pve 16GB 4 cores 200GB
2504 besu-rpc-ali-0x1 besu-rpc-4 Besu RPC Node (0x1) 192.168.11.254 pve 16GB 4 cores 200GB
6201 firefly-ali-1 firefly-2 Hyperledger Firefly 192.168.11.67 pve 4GB 2 cores 50GB

Total Resources:

  • Total Memory: 40GB
  • Total CPU Cores: 12 cores
  • Total Disk: 550GB

Infrastructure Architecture

Architecture Diagram

flowchart TB
    subgraph ProxmoxNode[Proxmox Node: pve]
        subgraph AliContainers[Ali's Containers]
            Sentry[besu-sentry-ali<br/>VMID: 1504<br/>192.168.11.154]
            RPC8a[besu-rpc-ali-0x8a<br/>VMID: 2503<br/>192.168.11.253]
            RPC01[besu-rpc-ali-0x1<br/>VMID: 2504<br/>192.168.11.254]
            Firefly[firefly-ali-1<br/>VMID: 6201<br/>192.168.11.67]
        end
    end
    
    subgraph Blockchain[ChainID 138 Blockchain]
        Contracts[Smart Contracts<br/>Oracle, CCIP, Bridge, eMoney]
        Validators[Validator Nodes]
    end
    
    subgraph ExternalServices[External Services]
        MetaMask[MetaMask Wallets]
        dApps[dApps & Services]
    end
    
    Sentry -->|P2P Connection| Validators
    RPC8a -->|RPC Access| Contracts
    RPC01 -->|RPC Access| Contracts
    Firefly -->|Blockchain Integration| Contracts
    RPC8a -->|Price Feed| MetaMask
    RPC01 -->|Price Feed| MetaMask
    ExternalServices -->|HTTP/WS| RPC8a
    ExternalServices -->|HTTP/WS| RPC01

Network Topology

graph TB
    subgraph Network192[Network: 192.168.11.0/24]
        subgraph AliInfra[Ali's Infrastructure]
            IP154[192.168.11.154<br/>Besu Sentry]
            IP253[192.168.11.253<br/>Besu RPC 0x8a]
            IP254[192.168.11.254<br/>Besu RPC 0x1]
            IP67[192.168.11.67<br/>Firefly]
        end
        
        subgraph OtherNodes[Other ChainID 138 Nodes]
            Validators[Validators<br/>192.168.11.100-104]
            OtherRPC[RPC Nodes<br/>192.168.11.250-252]
        end
    end
    
    subgraph Internet[Internet]
        Users[Users & dApps]
        Cloudflare[Cloudflare/CDN]
    end
    
    Cloudflare -->|HTTPS/WSS| IP253
    Cloudflare -->|HTTPS/WSS| IP254
    Users -->|Via Cloudflare| IP253
    Users -->|Via Cloudflare| IP254
    IP154 -->|P2P 30303| Validators
    IP253 -->|RPC 8545/8546| Contracts
    IP254 -->|RPC 8545/8546| Contracts
    IP67 -->|Blockchain API| Contracts

Container Relationships

graph LR
    subgraph AliContainers[Ali's Containers]
        Sentry[Besu Sentry<br/>1504]
        RPC8a[Besu RPC 0x8a<br/>2503]
        RPC01[Besu RPC 0x1<br/>2504]
        Firefly[Firefly<br/>6201]
    end
    
    subgraph Services[Services & Contracts]
        Oracle[Oracle Contracts]
        CCIP[CCIP Contracts]
        Bridge[Bridge Contracts]
        eMoney[eMoney Contracts]
    end
    
    Sentry -->|Discovers Peers| RPC8a
    Sentry -->|Discovers Peers| RPC01
    RPC8a -->|Reads| Oracle
    RPC8a -->|Reads| CCIP
    RPC8a -->|Reads| Bridge
    RPC01 -->|Reads| Oracle
    RPC01 -->|Reads| eMoney
    Firefly -->|Integrates| Oracle
    Firefly -->|Integrates| CCIP
    Firefly -->|Integrates| Bridge
    Firefly -->|Uses| RPC8a
    Firefly -->|Uses| RPC01

Access Control Flow

sequenceDiagram
    participant User as User/Service
    participant Nginx as Nginx Proxy
    participant JWT as JWT Validator
    participant RPC as RPC Container
    participant Besu as Besu Node
    
    User->>Nginx: Request (with JWT token)
    Nginx->>JWT: Validate token
    alt Valid Token
        JWT->>Nginx: Token valid
        Nginx->>RPC: Forward request
        RPC->>Besu: Process RPC call
        Besu->>RPC: Return result
        RPC->>Nginx: Response
        Nginx->>User: Return result
    else Invalid Token
        JWT->>Nginx: Token invalid
        Nginx->>User: 401 Unauthorized
    end

Contract Interaction Diagram

graph TB
    subgraph Containers[Ali's Containers]
        RPC8a[RPC 0x8a<br/>2503]
        RPC01[RPC 0x1<br/>2504]
        Firefly[Firefly<br/>6201]
    end
    
    subgraph OracleContracts[Oracle Contracts]
        OracleProxy[Oracle Proxy<br/>0x3304b7...]
        Aggregator[Oracle Aggregator<br/>0x99b351...]
    end
    
    subgraph CCIPContracts[CCIP Contracts]
        Router[CCIP Router<br/>0x8078A0...]
        Sender[CCIP Sender<br/>0x105F8A...]
    end
    
    subgraph BridgeContracts[Bridge Contracts]
        WETH9Bridge[WETH9Bridge<br/>0x89dd12...]
        WETH10Bridge[WETH10Bridge<br/>0xe0E932...]
    end
    
    subgraph eMoneyContracts[eMoney Contracts]
        TokenFactory[TokenFactory<br/>0xEBFb5C...]
        Compliance[Compliance<br/>0xbc54fe...]
    end
    
    RPC8a -->|Read Price| OracleProxy
    RPC01 -->|Read Price| OracleProxy
    Firefly -->|Query| OracleProxy
    Firefly -->|Send Messages| Router
    Firefly -->|Bridge Operations| WETH9Bridge
    Firefly -->|Bridge Operations| WETH10Bridge
    Firefly -->|Token Operations| TokenFactory
    Firefly -->|Compliance Check| Compliance

Network Configuration

IP Address Allocation

Container IP Address Subnet Gateway DNS
besu-sentry-ali (1504) 192.168.11.154 192.168.11.0/24 192.168.11.1 192.168.11.1
besu-rpc-ali-0x8a (2503) 192.168.11.253 192.168.11.0/24 192.168.11.1 192.168.11.1
besu-rpc-ali-0x1 (2504) 192.168.11.254 192.168.11.0/24 192.168.11.1 192.168.11.1
firefly-ali-1 (6201) 192.168.11.67 192.168.11.0/24 192.168.11.1 192.168.11.1

Port Mappings

Container Service Port Protocol Access
besu-sentry-ali (1504) P2P 30303 TCP/UDP Internal network
besu-sentry-ali (1504) Metrics 9545 TCP Internal network
besu-rpc-ali-0x8a (2503) HTTP RPC 8545 TCP Public (via JWT)
besu-rpc-ali-0x8a (2503) WebSocket RPC 8546 TCP Public (via JWT)
besu-rpc-ali-0x8a (2503) Metrics 9545 TCP Internal network
besu-rpc-ali-0x1 (2504) HTTP RPC 8545 TCP Public (via JWT)
besu-rpc-ali-0x1 (2504) WebSocket RPC 8546 TCP Public (via JWT)
besu-rpc-ali-0x1 (2504) Metrics 9545 TCP Internal network
firefly-ali-1 (6201) HTTP API 5000 TCP Internal network
firefly-ali-1 (6201) WebSocket 5001 TCP Internal network

Firewall Rules

Inbound Rules:

  • P2P (30303): Allow from internal network (192.168.11.0/24)
  • RPC HTTP (8545): Allow from public (via Nginx/JWT)
  • RPC WebSocket (8546): Allow from public (via Nginx/JWT)
  • Metrics (9545): Allow from internal network only
  • Firefly API (5000-5001): Allow from internal network only

Outbound Rules:

  • All outbound: Allow (for blockchain sync and external services)

Access Control and Authentication

Access Level: Full Root Access

Ali has full root access to all containers and the Proxmox host, providing:

  • SSH access to all containers
  • Proxmox console access
  • Container management (start, stop, restart, migrate)
  • Configuration file access
  • Key material access
  • Service management
  • Network configuration
  • Full administrative privileges

JWT Authentication

All RPC containers (2503, 2504) require JWT authentication:

Configuration:

  • Token generation: ./scripts/generate-jwt-token-for-container.sh [VMID] [username] [days]
  • Token format: Bearer <JWT_TOKEN>
  • Validation: Nginx with lua-resty-jwt
  • Secret location: /etc/nginx/jwt_secret (on each container)

Token Generation Example:

# Generate token for VMID 2503 (0x8a identity)
./scripts/generate-jwt-token-for-container.sh 2503 ali-full-access 365

# Generate token for VMID 2504 (0x1 identity)
./scripts/generate-jwt-token-for-container.sh 2504 ali-full-access 365

Using JWT Tokens:

# HTTP RPC request with JWT
curl -H "Authorization: Bearer YOUR_JWT_TOKEN" \
     -H "Content-Type: application/json" \
     -d '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}' \
     https://rpc-endpoint.d-bis.org

Access Level Comparison

Feature Ali Luis/Putu
SSH Access Full No
Proxmox Console Full No
Container Management Full No
Key Material Access Full No
RPC Access Full (JWT) Limited (JWT only)
Configuration Access Full No
Service Management Full No

Container Specifications

1. Besu Sentry Node (VMID 1504)

Hostname: besu-sentry-ali (formerly besu-sentry-5)

Specifications:

  • Memory: 4GB
  • CPU: 2 cores
  • Disk: 100GB
  • IP Address: 192.168.11.154
  • Node: pve

Purpose:

  • Discovers and connects to validator nodes
  • Provides network connectivity for RPC nodes
  • Acts as network gateway
  • Enables discovery of other blockchain nodes

Configuration:

  • Discovery: Enabled
  • P2P Port: 30303
  • Metrics Port: 9545
  • ChainID: 138
  • Sync Mode: FAST

Access:

  • Internal network only
  • No public RPC endpoints
  • JWT authentication: N/A (no public access)

2. Besu RPC Node - 0x8a Identity (VMID 2503)

Hostname: besu-rpc-ali-0x8a (formerly besu-rpc-4)

Specifications:

  • Memory: 16GB
  • CPU: 4 cores
  • Disk: 200GB
  • IP Address: 192.168.11.253
  • Node: pve

Purpose:

  • Provides RPC access with 0x8a identity
  • Serves public RPC requests (with JWT authentication)
  • Reports chainID 0x1 to MetaMask (wallet compatibility)
  • Provides price feed access

Configuration:

  • Discovery: Disabled (prevents mainnet connection)
  • RPC HTTP Port: 8545
  • RPC WebSocket Port: 8546
  • Metrics Port: 9545
  • ChainID: 138 (reports 0x1 to MetaMask)
  • Identity: 0x8a

APIs Enabled:

  • ETH, NET, WEB3, TXPOOL, QBFT
  • No ADMIN, DEBUG, or TRACE APIs

Access:

  • Public access via Nginx reverse proxy
  • JWT authentication: Required
  • CORS: Enabled

3. Besu RPC Node - 0x1 Identity (VMID 2504)

Hostname: besu-rpc-ali-0x1 (formerly besu-rpc-4)

Specifications:

  • Memory: 16GB
  • CPU: 4 cores
  • Disk: 200GB
  • IP Address: 192.168.11.254
  • Node: pve

Purpose:

  • Provides RPC access with 0x1 identity
  • Serves public RPC requests (with JWT authentication)
  • Reports chainID 0x1 to MetaMask (wallet compatibility)
  • Provides price feed access

Configuration:

  • Discovery: Disabled (prevents mainnet connection)
  • RPC HTTP Port: 8545
  • RPC WebSocket Port: 8546
  • Metrics Port: 9545
  • ChainID: 138 (reports 0x1 to MetaMask)
  • Identity: 0x1

APIs Enabled:

  • ETH, NET, WEB3, TXPOOL, QBFT
  • No ADMIN, DEBUG, or TRACE APIs

Access:

  • Public access via Nginx reverse proxy
  • JWT authentication: Required
  • CORS: Enabled

Note: The 0x1 and 0x8a identities allow different permission levels for MetaMask wallet compatibility.

4. Hyperledger Firefly Node (VMID 6201)

Hostname: firefly-ali-1 (formerly firefly-2)

Specifications:

  • Memory: 4GB
  • CPU: 2 cores
  • Disk: 50GB
  • IP Address: 192.168.11.67
  • Node: pve

Purpose:

  • Hyperledger Firefly workflow orchestration
  • Blockchain integration layer
  • Smart contract interaction
  • Multi-party workflows
  • Token operations

Configuration:

  • HTTP API Port: 5000
  • WebSocket Port: 5001
  • ChainID: 138
  • RPC Connection: Uses Ali's RPC nodes (2503, 2504)

Access:

  • Internal network only
  • JWT authentication: Required
  • Service-to-service communication

Integration:

  • Connects to ChainID 138 via RPC nodes
  • Interacts with Oracle contracts
  • Uses CCIP for cross-chain operations
  • Integrates with Bridge contracts
  • Manages eMoney system operations

Contract Integration

Container-to-Contract Mappings

Container Contracts Used Purpose
besu-rpc-ali-0x8a (2503) Oracle Proxy, Oracle Aggregator, CCIP Router, Bridge Contracts RPC access for price feeds, cross-chain operations
besu-rpc-ali-0x1 (2504) Oracle Proxy, Oracle Aggregator, eMoney Contracts RPC access for price feeds, eMoney operations
firefly-ali-1 (6201) All contracts Workflow orchestration, smart contract interactions

Service Configuration Examples

RPC Node Configuration

For Oracle Price Feeds:

# Environment configuration
ORACLE_PROXY_ADDRESS=0x3304b747e565a97ec8ac220b0b6a1f6ffdb837e6
ORACLE_AGGREGATOR_ADDRESS=0x99b3511a2d315a497c8112c1fdd8d508d4b1e506
RPC_URL=http://192.168.11.253:8545
CHAIN_ID=138

Firefly Configuration

Contract Addresses:

# Oracle Contracts
ORACLE_PROXY=0x3304b747e565a97ec8ac220b0b6a1f6ffdb837e6
ORACLE_AGGREGATOR=0x99b3511a2d315a497c8112c1fdd8d508d4b1e506

# CCIP Contracts
CCIP_ROUTER=0x8078A09637e47Fa5Ed34F626046Ea2094a5CDE5e
CCIP_SENDER=0x105F8A15b819948a89153505762444Ee9f324684

# Bridge Contracts
WETH9_BRIDGE=0x89dd12025bfCD38A168455A44B400e913ED33BE2
WETH10_BRIDGE=0xe0E93247376aa097dB308B92e6Ba36bA015535D0

# eMoney Contracts
TOKEN_FACTORY=0xEBFb5C60dE5f7C4baae180CA328D3BB39E1a5133
COMPLIANCE_REGISTRY=0xbc54fe2b6fda157c59d59826bcfdbcc654ec9ea1

# RPC Configuration
RPC_URL_138=http://192.168.11.253:8545
RPC_WS_URL_138=ws://192.168.11.253:8546
CHAIN_ID=138

Contract Interaction Patterns

1. Oracle Price Feed Query:

// Query latest ETH/USD price from Oracle Proxy
const oracleAddress = "0x3304b747e565a97ec8ac220b0b6a1f6ffdb837e6";
const price = await oracleContract.latestRoundData();

2. CCIP Cross-Chain Message:

// Send cross-chain message via CCIP Router
const routerAddress = "0x8078A09637e47Fa5Ed34F626046Ea2094a5CDE5e";
await routerContract.ccipSend(destinationChain, message, { value: fee });

3. Bridge Operation:

// Bridge WETH9 via CCIPWETH9Bridge
const bridgeAddress = "0x89dd12025bfCD38A168455A44B400e913ED33BE2";
await bridgeContract.bridge(amount, destinationChain);

4. eMoney Token Creation:

// Create token via TokenFactory
const factoryAddress = "0xEBFb5C60dE5f7C4baae180CA328D3BB39E1a5133";
await tokenFactory.createToken(name, symbol, decimals, complianceData);

Configuration Files

Besu Configuration Files

Sentry Node (1504):

  • Config: /etc/besu/config-sentry.toml
  • Static Nodes: /var/lib/besu/static-nodes.json
  • Permissioned Nodes: /var/lib/besu/permissions/permissioned-nodes.json

RPC Node 0x8a (2503):

  • Config: /etc/besu/config-rpc-4.toml or /etc/besu/config-rpc-ali-0x8a.toml
  • Static Nodes: /var/lib/besu/static-nodes.json
  • Permissioned Nodes: /var/lib/besu/permissions/permissioned-nodes.json
  • Nginx Config: /etc/nginx/sites-available/rpc-ali-0x8a

RPC Node 0x1 (2504):

  • Config: /etc/besu/config-rpc-4.toml or /etc/besu/config-rpc-ali-0x1.toml
  • Static Nodes: /var/lib/besu/static-nodes.json
  • Permissioned Nodes: /var/lib/besu/permissions/permissioned-nodes.json
  • Nginx Config: /etc/nginx/sites-available/rpc-ali-0x1

Firefly Configuration Files

Firefly Node (6201):

  • Main Config: /opt/firefly/firefly.yml
  • Environment: /opt/firefly/.env
  • Database: PostgreSQL (internal)
  • Stack Config: docker-compose.yml

Deployment Scripts

Main Configuration Script:

  • Location: scripts/configure-besu-chain138-nodes.sh
  • Purpose: Deploy Besu configurations to all nodes

JWT Token Generation:

  • Location: scripts/generate-jwt-token-for-container.sh
  • Usage: ./scripts/generate-jwt-token-for-container.sh [VMID] [username] [days]

Verification Script:

  • Location: scripts/verify-chain138-config.sh
  • Purpose: Verify configuration deployment

Key Configuration Parameters

Besu RPC Nodes:

# Discovery (disabled for RPC nodes)
discovery-enabled=false

# RPC APIs
rpc-http-api=["ETH","NET","WEB3","TXPOOL","QBFT"]

# Ports
rpc-http-port=8545
rpc-ws-port=8546

# ChainID
network-id=138

JWT Authentication:

# Nginx configuration
location / {
    access_by_lua_block {
        local jwt = require "resty.jwt"
        -- JWT validation logic
    }
    proxy_pass http://127.0.0.1:8545;
}

Deployment Status

Container Status

Container Status Last Updated Notes
besu-sentry-ali (1504) Active December 26, 2024 Discovery enabled
besu-rpc-ali-0x8a (2503) Active December 26, 2024 JWT auth enabled, discovery disabled
besu-rpc-ali-0x1 (2504) Active December 26, 2024 JWT auth enabled, discovery disabled
firefly-ali-1 (6201) Active December 26, 2024 Integrated with ChainID 138

Contract Deployment Status

Category Deployed Verified Explorer
Genesis Contracts 3/3 Yes Yes
Oracle Contracts 3/3 Yes Yes
CCIP Contracts 2/2 Yes Yes
Bridge Contracts 2/2 Yes Yes
eMoney Contracts 6/6 Yes Yes
Compliance Contracts 4/4 Yes Yes
Total 20/20 Yes Yes

Migration Status

Container Old Hostname New Hostname Migration Status
1504 besu-sentry-5 besu-sentry-ali Complete
2503 besu-rpc-4 besu-rpc-ali-0x8a Complete
2504 besu-rpc-4 besu-rpc-ali-0x1 Complete
6201 firefly-2 firefly-ali-1 Complete

All containers have been renamed and are located on the pve Proxmox node.

Quick Reference

Container Quick Access

SSH Access:

# Sentry Node
ssh root@192.168.11.154

# RPC Node 0x8a
ssh root@192.168.11.253

# RPC Node 0x1
ssh root@192.168.11.254

# Firefly Node
ssh root@192.168.11.67

Proxmox Access:

# List containers
ssh root@192.168.11.10 "pvesh get /nodes/pve/lxc" | grep -E "(1504|2503|2504|6201)"

# Container status
ssh root@192.168.11.10 "pct status 1504"
ssh root@192.168.11.10 "pct status 2503"
ssh root@192.168.11.10 "pct status 2504"
ssh root@192.168.11.10 "pct status 6201"

Contract Address Quick Reference

Most Used Contracts:

Contract Address Usage
Oracle Proxy 0x3304b747e565a97ec8ac220b0b6a1f6ffdb837e6 MetaMask price feeds
CCIP Router 0x8078A09637e47Fa5Ed34F626046Ea2094a5CDE5e Cross-chain messaging
WETH9 0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2 Wrapped Ether
TokenFactory 0xEBFb5C60dE5f7C4baae180CA328D3BB39E1a5133 Token creation

RPC Endpoints

Internal RPC (from internal network):

  • HTTP: http://192.168.11.253:8545 (0x8a identity)
  • HTTP: http://192.168.11.254:8545 (0x1 identity)
  • WebSocket: ws://192.168.11.253:8546 (0x8a identity)
  • WebSocket: ws://192.168.11.254:8546 (0x1 identity)

Public RPC (via JWT):

  • Requires JWT token in Authorization header
  • Endpoints configured via Nginx reverse proxy
  • Access controlled via JWT validation

Useful Commands

Check Container Status:

# Check all Ali containers
for vmid in 1504 2503 2504 6201; do
  echo "=== VMID $vmid ==="
  ssh root@192.168.11.10 "pct status $vmid"
done

Generate JWT Token:

# For RPC node 2503 (0x8a)
./scripts/generate-jwt-token-for-container.sh 2503 ali-full-access 365

# For RPC node 2504 (0x1)
./scripts/generate-jwt-token-for-container.sh 2504 ali-full-access 365

Test RPC Connection:

# Test from internal network
curl -X POST http://192.168.11.253:8545 \
  -H "Content-Type: application/json" \
  -d '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'

Check Contract on Explorer:

# Open contract in explorer
xdg-open "https://explorer.d-bis.org/address/0x3304b747e565a97ec8ac220b0b6a1f6ffdb837e6"

Service Scripts

Deployment Scripts:

  • scripts/configure-besu-chain138-nodes.sh - Main configuration
  • scripts/verify-chain138-config.sh - Verification
  • scripts/generate-jwt-token-for-container.sh - JWT token generation
  • scripts/setup-new-chain138-containers.sh - Quick setup

Configuration Scripts:

  • scripts/configure-nginx-jwt-auth.sh - JWT authentication setup
  • scripts/copy-besu-config-with-nodes.sh - Config file deployment

Related Documentation

Summary

This document provides a comprehensive reference for Ali's infrastructure on ChainID 138, including:

  • 4 Containers with full specifications
  • 20 Smart Contracts organized by category
  • 1 Primary Wallet address with genesis allocation
  • Complete Network Configuration with IP addresses and ports
  • Access Control details with JWT authentication
  • Contract Integration patterns and examples
  • Visual Diagrams showing architecture and relationships
  • Quick Reference tables and commands

All infrastructure is active and operational on ChainID 138 (DeFi Oracle Meta Mainnet).

Last Updated: December 26, 2024
Document Version: 1.0
Status: Complete

Reference in New Issue View Git Blame Copy Permalink