Forum

xDai bridge oracle and xDai chain validator node on the same server

This manual is intended to help upgrade an existing xDai bridge oracle to the version 2.6.0 (the release candidate 1) and combine it with a xDai chain validator node on the same system.

The new version of the oracle allows to disable several workers which are not used any more. And also it supports few enhancements that improves robustness of the bridge.

Combining the bridge oracle with the xDai chain node increases overall security and reduces load through decentralization of the access to the chain data by RPC.

Here are the steps to perform the upgrade:

  1. Stop the xDai validator node (depends on the way how it was setup) by systemctl or docker/docker-compose.

  2. Pull the new docker images:

    sudo docker pull openethereum/openethereum:latest
    sudo docker pull poanetwork/tokenbridge-oracle:latest
    sudo docker pull xdaichain/ethstats-agent:latest
    
  3. [Optional] Copy the chain data (it also allows consider the previous place with the chain data as a backup):

    sudo cp -a <path to current parity data> /home/poadocker/chaindata
    
  4. Stop the bridge

    sudo systemctl stop poabridge
    
  5. Change directory

    cd /home/poadocker/bridge/oracle`
    
  6. replace the content of the docker-compose.yml with a new one:

    networks:
      net_db_bridge_affirmation: {driver: bridge}
      net_db_bridge_request: {driver: bridge}
      net_db_bridge_senderhome: {driver: bridge}
      net_rabbit_bridge_affirmation: {driver: bridge}
      net_rabbit_bridge_request: {driver: bridge}
      net_rabbit_bridge_senderhome: {driver: bridge}
    services:
      bridge_affirmation:
        cpus: 0.1
        entrypoint: yarn watcher:affirmation-request
        env_file: ./.env
        environment: [NODE_ENV=production, 'ORACLE_VALIDATOR_ADDRESS=${ORACLE_VALIDATOR_ADDRESS}']
        image: poanetwork/tokenbridge-oracle:latest
        mem_limit: 500m
        networks: [net_db_bridge_affirmation, net_rabbit_bridge_affirmation]
        restart: unless-stopped
      bridge_request:
        cpus: 0.1
        entrypoint: yarn watcher:signature-request
        env_file: ./.env
        environment: [NODE_ENV=production, 'ORACLE_VALIDATOR_ADDRESS_PRIVATE_KEY=${ORACLE_VALIDATOR_ADDRESS_PRIVATE_KEY}']
        image: poanetwork/tokenbridge-oracle:latest
        logging:
          driver: syslog
          options: {tag: '{{.Name}}/{{.ID}}'}
        mem_limit: 500m
        networks: [net_db_bridge_request, net_rabbit_bridge_request]
        restart: unless-stopped
      bridge_senderhome:
        cpus: 0.1
        entrypoint: yarn sender:home
        env_file: ./.env
        environment: [NODE_ENV=production, 'ORACLE_VALIDATOR_ADDRESS_PRIVATE_KEY=${ORACLE_VALIDATOR_ADDRESS_PRIVATE_KEY}']
        image: poanetwork/tokenbridge-oracle:latest
        mem_limit: 500m
        networks: [net_db_bridge_senderhome, net_rabbit_bridge_senderhome]
        restart: unless-stopped
      rabbit:
        cpus: 0.3
        environment: [RABBITMQ_NODENAME=node@rabbit]
        hostname: rabbit
        image: rabbitmq:3
        mem_limit: 500m
        networks: [net_rabbit_bridge_request, net_rabbit_bridge_affirmation,
          net_rabbit_bridge_senderhome]
        restart: unless-stopped
        volumes: ['~/bridge_data/rabbitmq:/var/lib/rabbitmq/mnesia']
      redis:
        command: [redis-server, --appendonly, 'yes']
        cpus: 0.1
        hostname: redis
        image: redis:4
        mem_limit: 500m
        networks: [net_db_bridge_request, net_db_bridge_affirmation,
          net_db_bridge_senderhome]
        restart: unless-stopped
        volumes: ['~/bridge_data/redis:/data']
    version: '2.4'
    
  7. replace the content of the docker-compose-erc-native.yml with a new one:

    networks:
      net_db_bridge_affirmation: {driver: bridge}
      net_db_bridge_request: {driver: bridge}
      net_db_bridge_senderhome: {driver: bridge}
      net_db_bridge_transfer: {driver: bridge}
      net_rabbit_bridge_affirmation: {driver: bridge}
      net_rabbit_bridge_request: {driver: bridge}
      net_rabbit_bridge_senderhome: {driver: bridge}
      net_rabbit_bridge_transfer: {driver: bridge}
      net_parity_bridge_senderhome: {driver: bridge}
      net_parity_bridge_transfer: {driver: bridge}
      net_parity_bridge_affirmation: {driver: bridge}
      net_parity_bridge_request: {driver: bridge}
      net_partiy_ethstats: {driver: bridge}
    services:
      bridge_affirmation:
        extends: {file: docker-compose.yml, service: bridge_affirmation}
        logging:
          driver: syslog
          options: {tag: '{{.Name}}/{{.ID}}'}
        networks: [net_parity_bridge_affirmation]
        depends_on:
          - redis
          - rabbit  
      bridge_request:
        extends: {file: docker-compose.yml, service: bridge_request}
        logging:
          driver: syslog
          options: {tag: '{{.Name}}/{{.ID}}'}
        networks: [net_parity_bridge_request]
        depends_on:
          - redis
          - rabbit  
      bridge_senderhome:
        extends: {file: docker-compose.yml, service: bridge_senderhome}
        logging:
          driver: syslog
          options: {tag: '{{.Name}}/{{.ID}}'}    
        networks: [net_parity_bridge_senderhome]
        depends_on:
          - redis
          - rabbit  
      bridge_transfer:
        cpus: 0.1
        entrypoint: yarn watcher:transfer
        env_file: ./.env
        environment: [NODE_ENV=production, 'ORACLE_VALIDATOR_ADDRESS=${ORACLE_VALIDATOR_ADDRESS}']
        logging:
          driver: syslog
          options: {tag: '{{.Name}}/{{.ID}}'}
        image: poanetwork/tokenbridge-oracle:latest
        mem_limit: 500m
        networks: [net_db_bridge_transfer, net_rabbit_bridge_transfer, net_parity_bridge_transfer]
        restart: unless-stopped
        depends_on:
          - redis
          - rabbit  
      rabbit:
        extends: {file: docker-compose.yml, service: rabbit}
        networks: [net_rabbit_bridge_transfer]
      redis:
        extends: {file: docker-compose.yml, service: redis}
        networks: [net_db_bridge_transfer]
      parity:
        container_name: parity
        image: openethereum/openethereum:latest
        healthcheck:
          test: ["CMD", "sh", "-c", "curl -f --connect-timeout 1 --max-time 2 --retry 2 --retry-delay 3 --retry-max-time 15 -X POST -H 'Content-Type: application/json' --data '{\"jsonrpc\":\"2.0\",\"method\":\"eth_chainId\",\"id\":1}' http://localhost:8545/ || sh -c 'pkill -15 openethereum && (sleep 10; pkill -9 openethereum)'"]
          interval: 60s
          timeout: 30s
          start_period: 40s
        networks: [net_parity_bridge_transfer, net_parity_bridge_senderhome, net_parity_bridge_request, net_parity_bridge_affirmation, net_partiy_ethstats]
        user: root
        command:
          --chain=xdai
          --base-path=/root/data
          --jsonrpc-port=8545
          --jsonrpc-cors=all
          --jsonrpc-interface=all
          --jsonrpc-hosts=all
          --jsonrpc-apis=web3,eth,net,parity
          --max-peers=25
          --fast-unlock
          --unlock="$ACCOUNT"
          --password="$PASSWORD_PATH"
          --tx-gas-limit="125000000"
          --gas-floor-target="12500000"
          --engine-signer="$ACCOUNT"
        volumes:
          - ~/chaindata:/root/data
          - /root/password:/root/password
          - /root/key:/root/data/keys/xdai/key
        expose:
          - "8545"
        ports:
          - "30303:30303/tcp"
          - "30303:30303/udp"
        restart: unless-stopped
        logging:
          driver: "json-file"
          options:
            max-size: "100m"
            max-file: "1"
      agent:
        init: true
        container_name: ethstats
        image: xdaichain/ethstats-agent:latest
        links:
          - "parity"
        depends_on:
          - "parity"
        environment:
          NODE_ENV: production
          RPC_HOST: parity
          RPC_PORT: 8545
          LISTENING_PORT: 30303
          CONTACT_DETAILS: ${ETHSTATS_CONTACT}
          INSTANCE_NAME: Validator on ${ETHSTATS_ID}
          WS_SERVER: "${ETHSTATS_SERVER}"
          WS_SECRET: "${ETHSTATS_SECRET}"
          VERBOSITY: 3 # (0 = silent, 1 = error, warn, 2 = error, warn, info, success, 3 = all logs
        networks: [net_partiy_ethstats]
        restart: unless-stopped
        logging:
          driver: "json-file"
          options:
            max-size: "1m"
            max-file: "10"
    version: '2.4'
    
  8. replace the content of the .env file with a new one

    PASSWORD_PATH=/root/password
    ACCOUNT=0x. . .
    
    ETHSTATS_ID="Giveth"
    ETHSTATS_SERVER=https://dai-netstat.poa.network/api
    ETHSTATS_SECRET=. . .
    ETHSTATS_CONTACT=someone@gmail.com
    
    ## General settings
    ORACLE_BRIDGE_MODE=ERC_TO_NATIVE
    ORACLE_MAX_PROCESSING_TIME=60000
    
    ## Home contract
    COMMON_HOME_RPC_URL=http://parity:8545/ https://xdai.poanetwork.dev
    COMMON_HOME_BRIDGE_ADDRESS=0x7301CFA0e1756B71869E93d4e4Dca5c7d0eb0AA6
    ORACLE_HOME_RPC_POLLING_INTERVAL=5000
    
    ## Foreign contract
    COMMON_FOREIGN_RPC_URL=https://mainnet.infura.io/v3/. . .
    COMMON_FOREIGN_BRIDGE_ADDRESS=0x4aa42145Aa6Ebf72e164C9bBC74fbD3788045016
    ORACLE_FOREIGN_RPC_POLLING_INTERVAL=12000
    
    ORACLE_TX_REDUNDANCY=true
    
    ## Gasprice
    COMMON_HOME_GAS_PRICE_SPEED_TYPE=standard
    COMMON_HOME_GAS_PRICE_FALLBACK=0
    COMMON_HOME_GAS_PRICE_FACTOR=600000
    
    COMMON_FOREIGN_GAS_PRICE_SUPPLIER_URL=gas-price-oracle
    COMMON_FOREIGN_GAS_PRICE_SPEED_TYPE=fast
    COMMON_FOREIGN_GAS_PRICE_FALLBACK=10000000000
    ORACLE_FOREIGN_GAS_PRICE_UPDATE_INTERVAL=600000
    COMMON_FOREIGN_GAS_PRICE_FACTOR=1
    
    ## Transport configuration
    ORACLE_ALLOW_HTTP_FOR_RPC=yes
    ORACLE_QUEUE_URL=amqp://rabbit
    ORACLE_REDIS_URL=redis://redis
    
    ORACLE_HOME_START_BLOCK=6886405
    ORACLE_FOREIGN_START_BLOCK=8956165
    ORACLE_LOG_LEVEL=info
    
  9. Make sure that the parity service docker-compose-erc-native.yml mounts proper files and directories. E.g. if you skip the step 3, the source of directory must be different from ~/chaindata. Pay attention on sources for the password file and the directory with private keys.

  10. Fill the following variables in the .env file with your data: ACCOUNT, ETHSTATS_ID, ETHSTATS_SECRET, ETHSTATS_CONTACT. The ACCOUNT variable keeps the xDai node (not the bridge) validator account.

  11. Make sure the COMMON_FOREIGN_RPC_URL in the .env file is modified with your Infura project id.

  12. Start the bridge:

    sudo systemctl start poabridge
    
  13. Check that parity service was run by

    sudo docker logs parity
    
  14. Make sure that the bridge workers are able to access to the parity’s RPC service:

    sudo docker exec -ti oracle_bridge_affirmation_1 curl -X POST -H "Content-Type: application/json" --data '{"jsonrpc":"2.0","method":"eth_chainId","id":1}' http://parity:8545/
    sudo docker exec -ti oracle_bridge_request_1 curl -X POST -H "Content-Type: application/json" --data '{"jsonrpc":"2.0","method":"eth_chainId","id":1}' http://parity:8545/
    sudo docker exec -ti oracle_bridge_senderhome_1 curl -X POST -H "Content-Type: application/json" --data '{"jsonrpc":"2.0","method":"eth_chainId","id":1}' http://parity:8545/
    sudo docker exec -ti oracle_bridge_transfer_1 curl -X POST -H "Content-Type: application/json" --data '{"jsonrpc":"2.0","method":"eth_chainId","id":1}' http://parity:8545/
    
  15. Make sure that your validator node is available on https://dai-netstat.poa.network/.

In case of any issues contact to us either by Telegram or post a message in this thread.

1 Like