Default Port Requirements for SSNs
|Inbound||33133||Protocol level port for receiving network data|
|Inbound||4501||Staking API service|
|Outbound||443||For getting initial node data for syncing|
Preparing the Node
Launching a seed node for staking is similar to launching a normal seed node, with some additional configuration steps.
In this guide, we will walk you through the steps on how to set up the seed node via
- Native build
You can go for either one of the options below (click to expand).
- Native Build
(Optional) Configuring Domain Name
Once your seed node is fully set up, it is time to configure your domain name to point to the address of your seed node.
If your seed node is not behind a load balancer, you can set an
A record in your domain registrar to point your domain/subdomain to your seed node’s IP address.
If your seed node is behind a load balancer, you can set a
CNAME record in your domain registrar to point your domain/subdomain to the hostname of your load balancer.
Whitelisting and API Servicing
It is necessary for the staked seed node to be whitelisted by Zilliqa in phase 1 in order to receive data broadcasts about the blockchain and its state. Currently, there are 2 forms of whitelisting supported:
- Whitelisting via a static IP
- Whitelisting via public key of the SSN
We recommend SSN operators to use the whitelisting by public key approach.
Testing Your SSN's JSON-RPC Port
To check whether your node's JSON-RPC server is publicly available, you can use the following curl command.
If you received the latest blockchain information (similar to the one below) from the staked seed node, your JSON-RPC service is running well.
Testing Your SSN's WebSocket Port
You can use an online WebSocket test utility to test whether your WebSocket is publicly accessible.
- Visit https://www.websocket.org/echo.html
- Under location, put your WebSocket URL link (e.g.,
wss://<yourdomain here or ip:port>)
- Click on connect
- If “CONNECTED” is shown in the log, your WebSocket port is publicly accessible
Different node operators may wish to have a different setup to secure their SSN. It is possible as long as:
- JSON-RPC port (by default 4201) and WebSocket port are accessible by anyone without any restriction
- Staking API port (by default 4501) is accessible by the verifier to check the SSN
SSN operators are allowed to:
- Serve the API service over TLS
- Change the default port numbers (please inform us)
- Point their domain or subdomain to the SSN
- Add a load balancer in front of their node
- Add additional services such as Cloudflare proxy in front of the node
- Run more than 1 SSN node behind a load balancer (these will collectively be treated as a single SSN)
SSN operators are not allowed to:
- Outsource API service to other node operators or Zilliqa seed nodes
- Restrict or censor any API service to the public or any region