/ ADEN

New Blockchain - Masternodes (2/2)

Masternodes Setup

The purpose of this article is to create a step by step tutorial describing how can you setup and run a masternode.

Masternode hosting services will be available in the near future, but for now, this article describes how to set up a masternode on a Linux server.

Requirements:

  • Linux server (preferably a Virtual Private Server (VPS))
  • HELP Core Wallet (hardcore wallet will be released in the future)
  • 2,500 HELP for MasterNodes and 25,000 HELP for Entity MasterNodes

1. Set up your VPS

A virtual private server (VPS), also known as a cloud server, is a virtual machine sold as a service by an Internet hosting service.

A VPS runs its own copy of an operating system (OS), and customers may have superuser-level access to that operating system instance, so they can install almost any software that runs on that OS. This is is ideal for hosting a HELP masternode because they typically offer guaranteed uptime, redundancy in the case of hardware failure and a static IP address that is required to ensure you remain in the masternode payment queue.

While running a masternode from home on a desktop computer is technically possible, it will most likely not work reliably because most ISPs allocate dynamic IP addresses to home users.

We will use Vultr hosting as an example of a VPS, although DigitalOcean, Amazon EC2, Google Cloud, Choopa and OVH are also popular choices. First create an account and add credit. Then go to the Servers menu item on the left and click + to add a new server.

The steps for setting it up are:

a) Select a location for your new server on the following screen:

b) Select Ubuntu 18.04 x64 as the server type.

We use this LTS release of Ubuntu instead of the latest version because LTS releases are supported with security updates for 5 years, instead of the usual 9 months.

c) Select a server size offering at least 2GB of memory.

d) Enter a hostname and label for your server.

In this example we will use helpmn1 as the hostname.

e) Vultr will now install your server. This process may take a few minutes.

f) Click Manage when installation is complete and take note of the IP address, username and password.

2. Set up your operating system

After the VPS setup is done, we now have to connect the server. If you're using windows, you have to download PuTTY, which is an app that helps you connect to the server. You only have to PuTTY download page and select the appropriate installer for your system and you're good to go!

On Mac or Linux you can ssh directly from the terminal - simply type ssh root@<server_ip> and enter your password when prompted.

After you install PuTTY, enter the IP address of the server in the Host Name field and click Open. You may see a certificate warning, since this is the first time you are connecting to this server. You can safely click Yes to trust this server in the future.

You are now connected to your server and should see a terminal window. Begin by logging in to your server with the user root and password supplied by your hosting provider.

You should immediately change the root password and store it in a safe place for security. You can copy and paste any of the following commands by selecting them in your browser, pressing Ctrl + C, then switching to the PuTTY window and right-clicking in the window. The text will paste at the current cursor location:

passwd root

Enter and confirm a new password (preferably long and randomly generated). Next we will create a new user with the following command, replacing <username> with a username of your choice:

adduser <username>

You will be prompted for a password. Enter and confirm using a new password (different to your root password) and store it in a safe place. You will also see prompts for user information, but this can be left blank. Once the user has been created, we will add them to the sudo group so they can perform commands as root:

usermod -aG sudo <username>

Now, while still as root, we will update the system from the Ubuntu package repository:

apt update
apt upgrade

The system will show a list of upgradable packages. Press Y and Enter to install the packages. We will now install a firewall (and some other packages we will use later), add swap memory and reboot the server to apply any necessary kernel updates, and then login to our newly secured environment as the new user:

apt install ufw python virtualenv git unzip pv

(press Y and Enter to confirm)

ufw allow ssh/tcp
ufw limit ssh/tcp
ufw allow 9999/tcp
ufw logging on
ufw enable 

(press Y and Enter to confirm)

fallocate -l 4G /swapfile
chmod 600 /swapfile
mkswap /swapfile
swapon /swapfile
nano /etc/fstab

Add the following line at the end of the file (press tab to separate each word/number), then press Ctrl + X to close the editor, then Y and Enter save the file.

/swapfile none swap sw 0 0

Finally, in order to prevent brute force password hacking attacks, open the SSH configuration file to disable root login over SSH:

nano /etc/ssh/sshd_config

Locate the line that reads PermitRootLogin yes and set it toPermitRootLogin no. Directly below this, add a line which readsAllowUsers <username>, replacing <username> with the username you selected above. The press Ctrl + X to close the editor, then Y and Enter save the file.

Then reboot the server:

reboot now

While this setup includes basic steps to protect your server against attacks, much more can be done. In particular, authenticating with a public key instead of a username/password combination, installing fail2ban to block login brute force attacks and enabling automatic security updates is advisable. More tips are available here. However, since the masternode does not actually store the keys to any HELP, these steps are considered beyond the scope of this guide.

3. Send the coins

A HELP address with a single unspent transaction output  of exactly 2,500 HELP for master node or 25,000 HELP for entity master node is required to operate a masternode. Once it has been sent, various keys regarding the transaction must be extracted for later entry in a configuration file and registration transaction as proof to write the configuration to the blockchain so the masternode can be included in the deterministic list. A masternode can be started from a hardware wallet or the official HELP Core wallet, but for now we're going present the HELP Core wallet alternative.

Open HELP Core wallet and wait for it to synchronize with the network.

Click Tools > Debug console to open the console. Type the following two commands into the console to generate a legacy masternode key and a new HELP address for the collateral:

masternode genkey 
93PAqQsDjcVdYJHRfQPjsSt5338GCswMnUaSxoCD8J6fiLk4NHL  
getnewaddress
yiFfzbwiN9oneftd7cEfr3kQLRwQ4kp7ue

Take note of the legacy masternode private key and collateral address, since we will need it later. The next step is to secure your wallet (if you have not already done so). First, encrypt the wallet by selecting Settings > Encrypt wallet. You should use a strong, new password that you have never used somewhere else. Take note of your password and store it somewhere safe or you will be permanently locked out of your wallet and lose access to your funds. Next, back up your wallet file by selecting File > Backup Wallet. Save the file to a secure location physically separate to your computer, since this will be the only way you can access our funds if anything happens to your computer.

Now send exactly  2,500 HELP for master node or 25,000 HELP for entity master nod in a single transaction to the new address you generated in the previous step. This may be sent from another wallet, or from funds already held in your current wallet. Once the transaction is complete, view the transaction in a blockchain explorer by searching for the address. You will need 15 confirmations before you can start the masternode, but you can continue with the next step at this point already: installing HELP Core on your VPS.

Install HELP Core

HELP Core is the software behind both the HELP Core GUI wallet and HELP masternodes.

Open PuTTY or a console again and connect using the username and password you just created for your new, non-root user.

Download and install the components of your HELP masternode, visit the GitHub releases page and copy the link to the latest x86_64-linux-gnu version. Go back to your terminal window and enter the following command, pasting in the address to the latest version of HELP Core by right clicking or pressing Ctrl + V.

cd /tmp

wget https://github.com/gohelpfund/aden/releases/download/v0.13.0.0/helpcore-0.13.0-x86_64-linux-gnu.tar.gz

Create a working directory for HELP, extract the compressed archive and copy the necessary files to the directory:

mkdir ~/.helpcore 
tar xfv helpcore-0.13.0-x86_64-linux-gnu.tar.gz 
cp -f helpcore-0.13.0/bin/helpd ~/.helpcore/
cp -f helpcore-0.13.0/bin/help-cli ~/.helpcore/

Create a configuration file using the following command:

nano ~/.helpcore/help.conf

An editor window will appear. We now need to create a configuration file specifying several variables. Copy and paste the following text to get started, then replace the variables specific to your configuration as follows:

#----
rpcuser=XXXXXXXXXXXXX
rpcpassword=XXXXXXXXXXXXXXXXXXXXXXXXXXXX
rpcallowip=127.0.0.1
#----
listen=1
server=1
daemon=1
maxconnections=64
#----
masternode=1
masternodeprivkey=XXXXXXXXXXXXXXXXXXXXXXX
externalip=XXX.XXX.XXX.XXX
#----

Replace the fields marked with XXXXXXX as follows:

  • rpcuser: enter any string of numbers or letters, no special characters allowed
  • rpcpassword: enter any string of numbers or letters, no special characters allowed
  • masternodeprivkey: this is the legacy masternode private key you generated in the previous step
  • externalip: this is the IP address of your VPS

The result should look something like this:

Press Ctrl + X to close the editor and Y and Enter save the file. You can now start running HELP on the masternode to begin synchronization with the blockchain:

~/.helpcore/helpd

You will see a message reading HELP Core server starting. We will now install Sentinel, a piece of software which operates as a watchdog to communicate to the network that your node is working properly:

cd ~/.helpcore
git clone https://github.com/GoHelpFund/sentinel.git
cd sentinel
virtualenv venv
venv/bin/pip install -r requirements.txt
venv/bin/python bin/sentinel.py

You will see a message reading helpd not synced with network! Awaiting full sync before running Sentinel. Add helpd and sentinel to crontab to make sure it runs every minute to check on your masternode:

crontab -e

Choose nano as your editor and enter the following lines at the end of the file:

* * * * * cd ~/.helpcore/sentinel && ./venv/bin/python bin/sentinel.py 2>&1 >> sentinel-cron.log
* * * * * pidof helpd || ~/.helpcore/helpd

Press enter to make sure there is a blank line at the end of the file, then press Ctrl + X to close the editor and Y and Enter save the file. We now need to wait for 15 confirmations of the collateral transaction to complete, and wait for the blockchain to finish synchronizing on the masternode. You can use the following commands to monitor progress:

~/.helpcore/help-cli mnsync status

When synchronisation is complete, you should see the following response:

{
 "AssetID": 999,
 "AssetName": "MASTERNODE_SYNC_FINISHED",
 "Attempt": 0,
 "IsBlockchainSynced": true,
 "IsMasternodeListSynced": true,
 "IsWinnersListSynced": true,
 "IsSynced": true,
 "IsFailed": false
}

Continue with the next step to construct the ProTx transaction required to enable your masternode.

Register your masternode

Registering from HELP Core wallet

a) Identify the funding transaction

If you used an address in HELP Core wallet for your collateral transaction, you now need to find the txid of the transaction. Click Tools > Debug console and enter the following command:

masternode outputs

This should return a string of characters similar to this:

{
"ad308ec104bdf113444be609eb3dce9474a5550424204c6538843e3ccd3d4e78" : "1",
}

The first long string is your transaction hash, while the last number is the index.

b) Generate a BLS key pair

A public/private BLS key pair is required for the operator of the masternode. If you are using a hosting service, they may provide you with their public key, and you can skip this step. If you are hosting your own masternode or have agreed to provide your host with the BLS private key, generate a BLS public/private keypair as follows:

bls generate

{
  "secret": "28a85abb5aa8e820f65e33974cef0ab0bf06195f61454d2feb7fa578612d2228",
  "public": "144cbf4d472716b9504a54c7ca26906a3346253b787ffeb1a4999325049f5b2c51ef2e7c215d85f0a9142ec1c78db99b"
}

These keys are NOT stored by the wallet and must be kept secure, similar to the value provided in the past by themasternode genkeycommand.

c) Add the private key to your masternode configuration

The public key will be used in following steps. The private key must be entered in the help.conf file on the masternode. This allows the masternode to watch the network for relevant Pro*Tx transactions, and will cause it to start serving as a masternode when the signed ProRegTx is broadcast by the owner (final step below). Log in to your masternode using ssh or PuTTY and edit the configuration file on your masternode as follows:

nano ~/.helpcore/help.conf

The editor appears with the existing masternode configuration. Add this line to the end of the file, replacing the key with your BLS secret key generated above:

masternodeblsprivkey=28a85abb5aa8e820f65e33974cef0ab0bf06195f61454d2feb7fa578612d2228

Press enter to make sure there is a blank line at the end of the file, then press Ctrl + X to close the editor and Y and Enter save the file. We now need to restart the masternode for this change to take effect. Enter the following commands, waiting a few seconds in between to give HELP Core time to shut down:

~/.helpcore/help-cli stop
~/.helpcore/helpd

d) Prepare a ProRegTx transaction

First, we need to get a new, unused address from the wallet to serve as the owner address. This is different to the collateral address. Generate a new address as follows:

getnewaddress

yMwR1zf2Cv9gcMdHULRVbTTMGw7arvpbM5

Then either generate or choose an existing second address to receive the owner’s masternode payouts:

getnewaddress

yLqyR8PHEB7Fp1ue8nSuLfuxQhrj5PSTDv

You can also optionally generate and fund a third address to pay the transaction fee. The private key to this address must be available to the wallet submitting the transaction to the network. We will now prepare an unsigned ProRegTx special transaction using the protx register_prepare command. This command has the following syntax:

protx register_prepare collateralHash collateralIndex ipAndPort ownerKeyAddr
  operatorPubKey votingKeyAddr operatorReward payoutAddress (feeSourceAddress)

Open a text editor such as notepad to prepare this command. Replace each argument to the command as follows:

  • collateralHash: The txid of the 2,500 HELP for masternodes and 25,000 HELP for entity masternodes collateral funding transaction
  • collateralIndex: The output index of the HELP funding transaction
  • ipAndPort: Masternode IP address and port, in the format x.x.x.x:yyyy
  • ownerKeyAddr: The new HELP address generated above for the owner/voting address
  • operatorPubKey: The BLS public key generated above (or provided by your hosting service)
  • votingKeyAddr: The new HELP address generated above, or the address of a delegate, used for proposal voting
  • operatorReward: The percentage of the block reward allocated to the operator as payment
  • payoutAddress: A new or existing HELP address to receive the owner’s masternode rewards
  • feeSourceAddress: An (optional) address used to fund ProTx fee.payoutAddress will be used if not specified.

Note that the operator is responsible for specifying their own reward address in a separate update_service transaction if you specify a non-zero operatorReward. The owner of the masternode collateral does not specify the operator’s payout address.

Example (remove line breaks if copying):

protx register_prepare
  ad308ec104bdf113444be609eb3dce9474a5550424204c6538843e3ccd3d4e78
  1
  140.82.59.51:9999
  yMwR1zf2Cv9gcMdHULRVbTTMGw7arvpbM5
  144cbf4d472716b9504a54c7ca26906a3346253b787ffeb1a4999325049f5b2c51ef2e7c215d85f0a9142ec1c78db99b
  yMwR1zf2Cv9gcMdHULRVbTTMGw7arvpbM5
  0
  yLqyR8PHEB7Fp1ue8nSuLfuxQhrj5PSTDv

Output:

{
   "tx": "0300010001784e3dcd3c3e8438654c20240455a57494ce3deb09e64b4413f1bd04c18e30ad0000000000feffffff01cccfa204000000001976a9141ea44ced396667eb7d1c5b3699e04b5b3046ecfb88ac00000000d1010000000000784e3dcd3c3e8438654c20240455a57494ce3deb09e64b4413f1bd04c18e30ad0100000000000000000000000000ffff8c523b33271411c59262c9633a1bb810a7fc2b833c43cfa852ab144cbf4d472716b9504a54c7ca26906a3346253b787ffeb1a4999325049f5b2c51ef2e7c215d85f0a9142ec1c78db99b11c59262c9633a1bb810a7fc2b833c43cfa852ab00001976a91405c5fed6a3eb0b92ea5119039efae7a8dee5456488ac4e6cc5451440a6044dbd04d33a11f4cddc9021532ede3012ebbc31c0bb4ceb9c00",
  "collateralAddress": "yiFfzbwiN9oneftd7cEfr3kQLRwQ4kp7ue",
  "signMessage": "yLqyR8PHEB7Fp1ue8nSuLfuxQhrj5PSTDv|0|yMwR1zf2Cv9gcMdHULRVbTTMGw7arvpbM5|yMwR1zf2Cv9gcMdHULRVbTTMGw7arvpbM5|4e00de34ee03d28adb4e1fdaec966ae239c11da7e6115f566fc4b3f75c8a5503"
}

Next we will use the collateralAddress and signMessage fields to sign the transaction, and the output of the tx field to submit the transaction.

e) Sign the ProRegTx transaction

We will now sign the content of the signMessage field using the private key for the collateral address as specified in collateralAddress. Note that no internet connection is required for this step, meaning that the wallet can remain disconnected from the internet in cold storage to sign the message. In this example we will again use HELP Core, but it is equally possible to use the signing function of a hardware wallet. The command takes the following syntax:

signmessage address message

signmessage yiFfzbwiN9oneftd7cEfr3kQLRwQ4kp7ue yLqyR8PHEB7Fp1ue8nSuLfuxQhrj5PSTDv|0|yMwR1zf2Cv9gcMdHULRVbTTMGw7arvpbM5|yMwR1zf2Cv9gcMdHULRVbTTMGw7arvpbM5|4e00de34ee03d28adb4e1fdaec966ae239c11da7e6115f566fc4b3f75c8a5503

Output:

H3ub9BATtvuV+zDGdkUQNoUGpaYFr/O1FypmrSmH5WJ0KFRi8T10FSew0EJO/+Ij+OLv4r0rt+HS9pQFsZgc2dE=

f) Submit the signed message

We will now submit the ProRegTx special transaction to the blockchain to register the masternode. This command must be sent from a HELP Core wallet holding a balance, since a standard transaction fee is involved. The command takes the following syntax:

protx register_submit tx sig

Where:

  • tx: The serialized transaction previously returned in the tx output field from the protx register_prepare command
  • sig: The message signed with the collateral key from the signmessagecommand

Example:

protx register_submit 0300010001784e3dcd3c3e8438654c20240455a57494ce3deb09e64b4413f1bd04c18e30ad0000000000feffffff01cccfa204000000001976a9141ea44ced396667eb7d1c5b3699e04b5b3046ecfb88ac00000000d1010000000000784e3dcd3c3e8438654c20240455a57494ce3deb09e64b4413f1bd04c18e30ad0100000000000000000000000000ffff8c523b33271411c59262c9633a1bb810a7fc2b833c43cfa852ab144cbf4d472716b9504a54c7ca26906a3346253b787ffeb1a4999325049f5b2c51ef2e7c215d85f0a9142ec1c78db99b11c59262c9633a1bb810a7fc2b833c43cfa852ab00001976a91405c5fed6a3eb0b92ea5119039efae7a8dee5456488ac4e6cc5451440a6044dbd04d33a11f4cddc9021532ede3012ebbc31c0bb4ceb9c00 H3ub9BATtvuV+zDGdkUQNoUGpaYFr/O1FypmrSmH5WJ0KFRi8T10FSew0EJO/+Ij+OLv4r0rt+HS9pQFsZgc2dE=

Output:

b823338301e47875493c20361a23aef034578030c639480203b394669ab05e09

Your masternode is now registered and will appear on the Deterministic Masternode List after the transaction is mined to a block. You can view this list on the Masternodes -> DIP3 Masternodes tab of the HELP Core wallet, or in the console using the command protx list valid, where the txid of the final protx register_submit transaction identifies your DIP003 masternode.

At this point you can go back to your terminal window and monitor your masternode by entering~/.helpcore/help-cli masternode status or using the Get status function in DMT.

At this point you can safely log out of your server by typing exit. Congratulations! Your masternode is now running.

P.S.: The github repositories and download links will be made publicly available via an announcement in the upcoming days.

New Blockchain - Masternodes (2/2)
Share this

Subscribe to GoHelpFund Blog