# Configure node
Below you can find guide how to configure and start your node.
### Obtain epoch keys for testnet
Before starting your node, you should obtain epoch keys, which will be used to encrypt and decrypt transactions and smart contract state.
{% hint style="info" %}
EPID attestation was deprecated by Intel, use DCAP instead.
{% endhint %}
To do it, use the the following command:
```sh
swisstronikd enclave request-epoch-keys-dcap rpc.testnet.swisstronik.com:49999
```
The command above will pass Remote Attestation, during which, another node checks whether the correct software and hardware are used. If the command returns you same output as shown below, it means your node is ready to work:
```
Remote Attestation passed. Node is ready for work
```
### **Initialize Node**
{% hint style="info" %}
Monikers can only contain ASCII characters. The use of Unicode characters is not supported and will render the node unreachable.
{% endhint %}
Please replace `YOUR_MONIKER` with your own moniker.
swisstronikd init YOUR_MONIKER --chain-id swisstronik_1291-1
The `moniker` can be edited in the `~/.swisstronik/config/config.toml` file:
```toml
# A custom human readable name for this node
moniker = ""
```
### Download the Genesis File
After initializing the node, download the genesis file and move it to the /config directory within the Swisstronik home directory.
```sh
curl https://rpc.testnet.swisstronik.com/genesis? | jq ".result.genesis" > ~/.swisstronik/config/genesis.json
```
### **Set Gas Prices**
A full node keeps unconfirmed transactions in its mempool. To protect it from spam, it is advisable to set a `minimum-gas-prices` that the transaction must meet to be accepted in the node's mempool. This parameter can be configured in `~/.swisstronik/config/app.toml`.
```toml
# The minimum gas prices a validator is willing to accept for processing a # transaction. A transaction's fees must meet the minimum of any denomination
# specified in this config
minimum-gas-prices = "7aswtr"
```
### **Configure Seed**
#### Mainnet seed
There is no seed node for mainnet at this moment.
#### Testnet seed
It is our best practice to use a seed node for bootstrapping. Alternatively, you can use [persistent\_peers](https://docs.swisstronik.com/swisstronik-docs/node-setup/setup-node/testnet/live-peers).
```sh
sed -i 's/seeds = ""/seeds = "3f472746f46493309650e5a033076689996c8881@swisstronik-testnet.rpc.kjnodes.com:17559"/' ~/.swisstronik/config/config.toml
```
### Specify pruning option
{% hint style="info" %}
This is an optional configuration
{% endhint %}
There are four strategies for pruning the state. These strategies apply only to the state and do not apply to block storage. A node operator may consider custom pruning if node storage is a concern or if there is an interest in running an archive node.
To set pruning, adjust the `pruning` parameter in the `~/.swisstronik/config/app.toml` file. The following pruning state settings are available:
1. `everything`: Prune all saved states other than the current state.
2. `nothing`: Save all states and delete nothing.
3. `default`: Save the last 100 states and the state of every 10,000th block.
4. `custom`: Specify pruning settings with the `pruning-keep-recent`, `pruning-keep-every`, and `pruning-interval` parameters.
By default, every node is in `default` mode, which is the recommended setting for most environments. If a node operator wants to change their node's pruning strategy, this **must** be done before the node is initialized.
In `~/.swisstronik/config/app.toml`
```toml
# default: the last 100 states are kept in addition to every 500th state; pruning at 10 block intervals
# nothing: all historic states will be saved, nothing will be deleted (i.e. archiving node)
# everything: all saved states will be deleted, storing only the current state; pruning at 10 block intervals
# custom: allow pruning options to be manually specified through 'pruning-keep-recent', 'pruning-keep-every', and 'pruning-interval' pruning = "custom"
# These are applied if and only if the pruning strategy is custom.
pruning-keep-recent = "10"
pruning-keep-every = "1000"
pruning-interval = "10"
```
Passing a flag when starting `swisstronikd` will always override settings in the `app.toml` file. To change the node's pruning setting to `everything` mode pass the `---pruning everything` flag when running `swisstronikd start`.
{% hint style="info" %}
If the node is running with a pruned state, querying heights that are not in the node's store will not be possible.
{% endhint %}
### RPC
{% hint style="info" %}
This is an optional configuration
{% endhint %}
By default, RPC server for interactions with Cosmos part will be started on `0.0.0.0:26657` . To change it, edit the `~/.swisstronik/config/config.toml`, and set `laadr` to desired address and port
```
#######################################################
### RPC Server Configuration Options ###
#######################################################
[rpc]
# TCP or UNIX socket address for the RPC server to listen on
laddr = "tcp://0.0.0.0:26657"
```
### REST API
{% hint style="info" %}
This is an optional configuration
{% endhint %}
By default, the REST API is disabled. To enable the REST API, edit the `~/.swisstronik/config/app.toml` file, and set `enable` to `true` in the `[api]` section.
```toml
[api]
# Enable defines if the API server should be enabled.
enable = true
# Swagger defines if swagger documentation should automatically be registered. swagger = false # Address defines the API server to listen on.
address = "tcp://0.0.0.0:1317"
```
### EVM JSON-RPC and Websockets
{% hint style="info" %}
This is an optional configuration
{% endhint %}
By default, EVM JSON-RPC and Websockets are set to use ports `127.0.0.1:8545` and `127.0.0.1:8546` for encrypted transactions, and `127.0.0.1:8547`, `127.0.0.1:8548` for unencrypted transactions. You can edit them by changing those values in `~/.swisstronik/config/app.toml`
```toml
###############################################################################
### JSON RPC Configuration ###
###############################################################################
[json-rpc]
# Enable defines if the gRPC server should be enabled.
enable = true
# Address defines the EVM RPC HTTP server address to bind to.
address = "127.0.0.1:8545"
# Address defines the EVM WebSocket server address to bind to.
ws-address = "127.0.0.1:8546"
# Address defines the EVM RPC HTTP server address to bind to.
address-unencrypted = "127.0.0.1:8547"
# Address defines the EVM WebSocket server address to bind to.
ws-address-unencrypted = "127.0.0.1:8548"
```
## Launch Node
### **Cosmovisor**
Setting up Cosmovisor is relatively straightforward. However, it expects certain environment variables and folder structure to be set.
#### Install
First, go and get cosmovisor (recommended approach):
```bash
go install cosmossdk.io/tools/cosmovisor/cmd/cosmovisor@latest
# To install a previous version, you can specify the version after the @ sign. Note that versions older than 1.4.0 can also target a specific version, at a slightly different location:
go install github.com/cosmos/cosmos-sdk/cosmovisor/cmd/cosmovisor@v1.0.0
```
You can set it to false by running the command
```bash
export DAEMON_ALLOW_DOWNLOAD_BINARIES=false
```
You can confirm your installation with:
```
which cosmovisor
```
#### Add environment variables to your shell.
In the `.profile` file, usually located at `~/.profile`, add:
```bash
export DAEMON_NAME=swisstronikd
export DAEMON_HOME=$HOME/.swisstronik
```
Next, source your profile to gain access to these variables:
```
source ~/.profile
```
You can confirm success by executing:
```
echo $DAEMON_NAME
```
It should return `swisstronikd`.
#### Set up folder structure
Cosmovisor expects a certain folder structure:
```bash
.
├── current -> genesis or upgrades/
├── genesis
│ └── bin
│ └── $DAEMON_NAME
└── upgrades
└──
└── bin
└── $DAEMON_NAME
```
Don't worry about `current` - that is simply a symlink used by Cosmovisor. The other folders will need setting up, but this is easy:
```bash
mkdir -p $DAEMON_HOME/cosmovisor/genesis/bin && mkdir -p $DAEMON_HOME/cosmovisor/upgrades
```
#### Set up genesis binary
Cosmovisor needs to know which binary to use at genesis. We put this in `$DAEMON_HOME/cosmovisor/genesis/bin`.
First, find the location of the binary you want to use:
```bash
which swisstronikd
```
Then use the path returned to copy it to the directory Cosmovisor expects. Let's assume the previous command returned `/home/your-user/go/bin/swisstronik`:
```bash
cp $HOME/go/bin/swisstronikd $DAEMON_HOME/cosmovisor/genesis/bin
```
#### Cosmovisor init
Post v1 versions of Cosmovisor include a command that creates the directories and copy the `swisstronikd` binary into the proper directory. To execute this process, use the following command:
```bash
cosmovisor init $HOME/go/bin/swisstronikd
```
Once you're done, check that the folder structure looks correct using a tool like `tree`.
#### Setting up the service
Commands sent to Cosmovisor are sent to the underlying binary. For example, `cosmovisor version` is the same as typing `swisstronikd version`.
Nevertheless, similar to managing `swisstronikd` using a process manager, we want to ensure that Cosmovisor is automatically restarted in case of events like errors or reboots.
First, create the service file:
```
sudo nano /etc/systemd/system/swisstronikd.service
```
Modify the content below to match your setup.`cosmovisor` is likely located at `~/go/bin/cosmovisor` irrespective of the installation path you chose above, but it's worth verifying.
**Note** `cosmovisor run start` is only for the latest versions of cosmovisor. For earlier versions that line should be:
```bash
ExecStart=/home//go/bin/cosmovisor start
```
```sh
[Unit]
Description=Swisstronikd Daemon (cosmovisor)
After=network-online.target
[Service]
User=
ExecStart=/home//go/bin/cosmovisor run start
Restart=always
RestartSec=3
LimitNOFILE=65536
ProtectHome = true;
ProtectSystem = "strict";
PrivateTmp = true;
PrivateDevices = true;
ProtectHostname = true;
ProtectClock = true;
ProtectKernelTunables = true;
ProtectKernelModules = true;
ProtectKernelLogs = true;
ProtectControlGroups = true;
NoNewPrivileges = true;
RestrictRealtime = true;
RestrictSUIDSGID = true;
RemoveIPC = true;
PrivateMounts = true;
Environment="DAEMON_NAME=swisstronikd"
Environment="DAEMON_HOME=/home//.swisstronik"
Environment="DAEMON_ALLOW_DOWNLOAD_BINARIES=false"
Environment="DAEMON_RESTART_AFTER_UPGRADE=true"
Environment="DAEMON_LOG_BUFFER_SIZE=512"
Environment=ENCLAVE_HOME=/home//.swisstronik-enclave
Environment=KEYMANAGER_HOME=/home//.swisstronik-enclave
[Install]
WantedBy=multi-user.target
```
#### **Download Snapshot**
Refer to our [snapshot](https://docs.swisstronik.com/swisstronik-docs/node-setup/setup-node/testnet/broken-reference) docs to download and extract Swisstronik testnet snapshot.
#### Start Cosmovisor
{% hint style="info" %}
If syncing from a snapshot, do not start Cosmovisor yet.
{% endhint %}
Finally, enable the service and start it.
```bash
sudo -S systemctl daemon-reload
sudo -S systemctl enable swisstronikd
# check config one last time before starting!
sudo systemctl start swisstronikd
```
Verify that it is running by using:
```bash
sudo systemctl status swisstronikd
```
If you need to monitor the service after launch, you can view the logs by using:
```bash
sudo journalctl -fu swisstronikd
```
#### Other considerations
This installation guide is the bare minimum to get a node started. As you progress and gain experience as a node operator, consider the following:
* Configure firewall to close most ports leaving only the p2p port (typically 26656);
* Use custom ports for each node so you can run multiple nodes on the same server;
* Do not expose unsafe endpoints, such as `unsafe = true`in `config.toml` or `debug`namespace at `json-rpc.api` in `app.toml`.
If you encounter any issues or discover a bug in this installation guide, please reach out to us and inform us.