Add-on: xDai and AMB bridge oracles on the same node
A step-by-step manual to deploy xDai bridge and Arbitrary Message Bridge oracles on the same node
There are several benefits to hosting the xDai bridge and Arbitrary Message Bridge oracles on the same node:
reduces the amount of hardware resources;
reduces required work for node administration and maintenance;
allows for local blockchain node sharing, increasing bridge security.
In general the process to prepare the node to serve the xDai and AMB bridges consists of the following phases:
Configure and deploy the xDai bridge oracle.
Modify the configuration on the xDai bridge oracle’s node to use the local OpenEthereum instance and to run AMB oracle’s workers.
Synchronize the local OpenEthereum instance.
Run the oracles.
Hardware Requirements
Minimums required to run xDai TokenBridge workers, OpenEthereum and the AMB workers on the same machine:
4 CPU cores and 8 GBs RAM
50 Gb disk memory
Phase 1. Configure and deploy the xDai bridge oracle
The oracle deployment procedure uses ansible playbooks, so two system are required. One hosts the oracle and a second deploys the oracle.
System for hosting the oracle:
when creating the node, set a meaningful hostname that can identify this oracle instance (e.g. bridge-ProjectName)
record the IP address (required for file setup)
setup ssh access to your node via public+private keys (using passwords is less secure)
System for deploying the oracle (will run ansible playbooks). Installation assumptions:
Python 2 (v2.6-v2.7)/Python3 (v3.5+)
Git
Copy the private key to access the oracle host to
~/.ssh/
directory.Clone this repository and go to the deployment folder.
Create the file
hosts.yml
fromhosts.yml.example
hosts.yml
should have the following structure:Note: the private key specified here is for the xDai bridge not for the AMB bridge.
Prepare the Infura project ID used by the oracle as the main JSON RPC endpoint to get updates from the Ethereum Mainnet.
Visit http://etherscan.io/ and https://blockscout.com/xdai/mainnet to write down the latest blocks produced by the Ethereum Mainnet and the xDai chain.
Create the file
group_vars/xdai-bridge.yml
with the following content:Note: fill
COMMON_FOREIGN_RPC_URL
,ORACLE_HOME_START_BLOCK
andORACLE_FOREIGN_START_BLOCK
with the information from the steps 6 and 7.Run the ansible playbook.
If the private key file to access the host system by SSH differs from
id_rsa
, use another command:When deployment is finished, login to the host system and stop the xDai bridge oracle.
Since the RabbitMQ DB can be initialized on this stage, it is necessary to remove it:
Phase 2. Re-configure the host environment for OpenEthereum and AMB
The steps below should be executed on the system where the xDai bridge oracle was deployed. It is assumed that the xDai oracle is stopped (sudo systemctl stop poabridge
).
Add the private key and address of the AMB oracle to
/root/.key
. Use your favorite editorsudo nano /root/.key
orsudo vim /root/.key
Change directory to
/etc/init.d
Replace the bridge startup script to use the new key for the AMB oracle:
Update the system configuration to use the new startup script:
Change directory to
/home/poadocker/bridge/oracle
Visit http://etherscan.io/ and https://blockscout.com/xdai/mainnet to write down the latest blocks produced by the Ethereum Mainnet and the xDai chain.
Modify the oracle configuration file to add parameters for AMB oracle workers. The following line must be added to the end of the file (
sudo nano .env
orsudo vim .env
):Note 1: the file may already have
ORACLE_ALLOW_HTTP_FOR_RPC
set to 'no' andORACLE_TX_REDUNDANCY
set to 'True'. Remove these old lines.Note 2: fill
AMB_HOME_START_BLOCK
andAMB_FOREIGN_START_BLOCK
with the information from step 5.Replace the first docker compose configuration file (
docker-compose.yml
) with a new one to optimize the number of the xDai bridge oracle workers:Replace the second docker compose configuration file (
docker-compose-erc-native.yml
) with a new one so that the service OpenEthereum and AMB workers are added:
Phase 3. Synchronize the local OpenEthereum instance
This step assumes that the current working directory is /home/poadocker/bridge/oracle
.
Run OE to synchronize the chain (it will take few minutes depending on the internet channel bandwidth). As soon as you see new blocks appearing every 5 seconds, the service can be stopped (by Ctrl+C
):
Phase 4. Run the oracles
Check the OpenEthereum service was run:
Make sure bridge workers are able to access OpenEthereum’s RPC service:
Last updated